GCVE - cpe:2.3:o:nuuo:nvrsolo:1.3.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:nuuo:nvrsolo:1.3.0:*:*:*:*:*:*:*

part: o version: 1.3.0 update: *

Vendor	Nuuo (`9d792d33-2f8a-5712-a46c-4352a0a63a8f`)
Product	Nvrsolo (`396d565a-5dd6-5150-abec-83458311def8`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2016-5678`	vulnerable	2026-06-03 14:35:55.579999	Details available NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors. Published: 2016-08-31T15:00:00.000Z Updated: 2024-08-06T01:08:00.435Z Open on db.gcve.eu Reference links http://www.kb.cert.org/vuls/id/856152 http://www.securityfocus.com/bid/92318 https://www.exploit-db.com/exploits/40200/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-5677`	vulnerable	2026-06-03 14:35:55.565370	Details available NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an __nvr_status___.php request. Published: 2016-08-31T15:00:00.000Z Updated: 2024-08-06T01:07:59.947Z Open on db.gcve.eu Reference links http://www.kb.cert.org/vuls/id/856152 http://www.securityfocus.com/bid/92318 https://www.exploit-db.com/exploits/40200/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-5675`	vulnerable	2026-06-03 14:35:55.563005	Details available handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter. Published: 2016-08-31T15:00:00.000Z Updated: 2024-08-06T01:07:59.881Z Open on db.gcve.eu Reference links http://www.kb.cert.org/vuls/id/856152 http://www.securityfocus.com/bid/92318 https://www.exploit-db.com/exploits/40200/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.