| Title | NUUO NUUO Came handle_config.php Command Injection |
|---|
| Description | The handle_config.
php file in NUUO cameras is vulnerable to command execution.
Attackers can exploit this vulnerability by crafting specific HTTP requests to
execute arbitrary commands on the target system. This vulnerability can be
exploited without authentication and affects a wide range of devices used globally
by multiple subsidiaries.
Pass the `log` parameter to concatenate it into the `print_file` function. |
|---|
| Source | ⚠️ https://pan.baidu.com/s/1YW52iM0ehUfFKa_CiTHBjQ?from=init&pwd=kqec |
|---|
| User | alc9700 (UID 79368) |
|---|
| Submission | 02/03/2025 06:55 (1 Year ago) |
|---|
| Moderation | 02/15/2025 15:43 (12 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 295954 [NUUO Camera up to 20250203 /handle_config.php print_file log command injection] |
|---|
| Points | 20 |
|---|