SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP NUUO NVRmini upgrade_handle.php command injection attempt
This event is generated when an attempt to exploit CVE-2018-14933 is detected. Impact: Web Application Attack Details: NUUO NVRmini IP camera contains a command injection vulnerability in its writeuploaddir command in the upgrade_handle.php file. Due to lack of input sanitation, an attacker can force commands to be executed through that page. Ease of Attack: Simple, at least two known proofs of concept exist.
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2018-14933 |
Loading description
|