CVE-2016-5675

handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter.

BID: http://www.securityfocus.com/bid/92318
CERT-VN: http://www.kb.cert.org/vuls/id/856152
EXPLOIT-DB: https://www.exploit-db.com/exploits/40200/
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5675

8 years
231 countries
213k users
1371k calculations
Logo reolink.com
Logo secutek.cz
Logo www.i4wifi.cz
Logo blog.camcloud.com
Logo sectech.co.nz
Logo www.systemy-stech.cz