Skip to main content
CVE-2016-5674 CRITICAL POC THREAT Emergency

__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 89.4%.

Netgear PHP RCE Readynas Surveillance Nvrmini 2 +1
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
89.4%
Threat
6.1
CVE-2016-5675 CRITICAL POC THREAT Emergency

handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 73.1%.

Netgear PHP RCE Readynas Surveillance Crystal +2
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
73.1%
Threat
5.7
CVE-2016-5678 CRITICAL POC THREAT Emergency

NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 38.2%.

Authentication Bypass Nvrmini 2 Nvrsolo
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
38.2%
Threat
4.6
CVE-2016-5336 CRITICAL PATCH Act Now

VMware vRealize Automation 7.0.x before 7.1 allows remote attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE VMware Vrealize Automation
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2016-5333 CRITICAL Act Now

VMware Photos OS OVA 1.0 before 2016-08-14 has a default SSH public key in an authorized_keys file, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

VMware Authentication Bypass Photon Os
NVD
CVSS 3.0
9.8
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy