Vulnerability Details : CVE-2016-5675
Public exploit exists!
handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter.
Vulnerability category: Input validation
Products affected by CVE-2016-5675
- cpe:2.3:a:netgear:readynas_surveillance:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:netgear:readynas_surveillance:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:netgear:readynas_surveillance:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:netgear:readynas_surveillance:1.3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:netgear:readynas_surveillance:1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:netgear:readynas_surveillance:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:netgear:readynas_surveillance:1.3.2.14:*:*:*:*:*:*:*
- cpe:2.3:a:netgear:readynas_surveillance:1.2.0.4:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrmini_2:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrmini_2:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrmini_2:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrmini_2:1.7.6:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrmini_2:1.7.5:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:2.3.9.6:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:2.3.7.10:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:1.75:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:2.1.5:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:2.3.7.9:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:2.3.1.20:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:1.1.0.117:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:2.3:*:*:*:*:*:*:*
- cpe:2.3:o:nuuo:nvrsolo:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:nuuo:crystal:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:nuuo:crystal:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:nuuo:crystal:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:nuuo:crystal:3.0.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-5675
38.24%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2016-5675
-
NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance Authenticated Remote Code Execution
Disclosure Date: 2016-08-04First seen: 2020-04-26exploit/linux/http/nuuo_nvrmini_auth_rceThe NVRmini 2 Network Video Recorder, Crystal NVR and the ReadyNAS Surveillance application are vulnerable to an authenticated remote code execution on the exposed web administration interface. An administrative account is needed to exploit this vulnerability. This r
CVSS scores for CVE-2016-5675
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2016-5675
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-5675
-
http://www.kb.cert.org/vuls/id/856152
VU#856152 - NUUO and Netgear Network Video Recorder (NVR) products web interfaces contain multiple vulnerabilitiesThird Party Advisory;US Government Resource
-
https://www.exploit-db.com/exploits/40200/
NUUO NVRmini2 / NVRsolo / Crystal Devices / NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities
-
http://www.securityfocus.com/bid/92318
NUUO and Netgear Network Multiple Products Multiple Security Vulnerabilities
Jump to