← Back to Search

NUUO (NVRmini2 Devices)

2024-12-18 · Severity 5/10 — Medium · Unknown
Incident Summary

NUUO NVRmini2 devices contain a missing authentication vulnerability that allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users.

Sources
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Details
Records Affected
Unknown
Industry
Technology
Headquarters
Date Reported
2024-12-18
Related Breaches

No related breaches in the last 90 days.