Vulnerability
The NUUO NVRmini 2 is a small and portable NVR having NAS capabilities. A file disclosure vulnerability exists in NUUO NVRmini, NVRmini2, Crystal, and NVRSolo. when input passes through the ‘css’ parameter to ‘css_parser.php’ script is not appropriately verified before being used to include files. This can be used to reveal the contents of files stored on local resources.
Mitigation / Precaution
In order to patch this vulnerability, Update NUUO NVRmini 2 to latest version.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
