NUUO NVRmini 2 3.0.8 - Remote Code Execution

What is "NUUO NVRmini 2 3.0.8 - Remote Code Execution?"

The "NUUO NVRmini 2 3.0.8 - Remote Code Execution" module is designed to detect the presence of a critical vulnerability in the NUUO NVRmini 2 version 3.0.8 software. This module specifically targets the NUUO NVRmini 2 software and checks for the ability of remote attackers to execute arbitrary code on the targeted system.

Impact

If successfully exploited, this vulnerability allows remote attackers to execute arbitrary code on the targeted system. This can lead to unauthorized access, data breaches, and potential compromise of the entire system.

How the module works?

The module sends an HTTP request to the target system using the "/upgrade_handle.php?cmd=writeuploaddir&uploaddir=%27;whoami;%27" path. It then checks the response for specific conditions to determine if the vulnerability is present.

The matching conditions include:

- The response body must contain the phrase "/upload_tmp_dir/". - The HTTP response status code must be 200.

If both conditions are met, the module reports the vulnerability.

Note: This module is specifically designed for the NUUO NVRmini 2 version 3.0.8 software and may not be applicable to other versions or software.