CVE-2018-14933βNUUO NVRmini Devices OS Command Injection Vulnerability
PUBLISHEDvulnerability record
2024-12-18 Β· last modified June 21, 2025
Metadata
Vulnerability Name
NUUO NVRmini Devices OS Command Injection Vulnerability
Description
NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command.
Known To Be Used in Ransomware Campaigns?
Action
The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.