CVE-2024-2995

CVSS 3.1 Score 5.0 of 10 (medium)

Details

Published Mar 27, 2024

Updated: May 17, 2024

CWE ID 532

Summary

CVE-2024-2995 is a newly disclosed vulnerability affecting NUUO Camera versions up to 20240319. This issue is classified as a denial-of-service (DoS) vulnerability and stems from an unspecified processing flaw in the /deletefile.php file. By manipulating the argument filename, an attacker can trigger the DoS condition. The attack can be initiated remotely, and the exploit has been made public. The vendor, NUUO, was contacted about this disclosure but did not respond. The vulnerability has been assigned the identifier VDB-258197.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vJ_LI5
https://www.cve.org/CVERecord?id=CVE-2024-2995
https://nvd.nist.gov/vuln/detail/CVE-2024-2995

Back to Vulnerability Database

CVE-2024-2995

CVSS 3.1 Score 5.0 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations