vendor:
NVR SP2 2.0
by:
shinnai
7.5
CVSS
HIGH
Insecure Method
94
CWE
Product Name: NVR SP2 2.0
Affected Version From: NVR SP2 2.0
Affected Version To: NVR SP2 2.0
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows XP Professional SP2
2007
NVR SP2 2.0 nvUtility.Utility.1 (nvUtility.dll v. 1.0.14.0) “SaveXMLFile()” Insecure Method
This exploit targets the "SaveXMLFile()" method in NVR SP2 2.0 nvUtility.Utility.1 (nvUtility.dll v. 1.0.14.0). It allows an attacker to execute arbitrary commands on the target system.
Mitigation:
To mitigate this vulnerability, it is recommended to update to a patched version of NVR SP2 2.0 that addresses this issue.