CVE-2022-23227CISA KEV: Actively Exploited

NUUO NVRmini2 Devices Missing Authentication Vulnerability

Published Dec 18, 2024·Updated Dec 18, 2024

Description

NUUO NVRmini2 devices contain a missing authentication vulnerability that allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free