NUUO CMS Vulnerability Analysis: RCE via SQLi, Path Traversal, Hardcoded Credentials (CVE-2018-17888, 17890, 17892, 17894, 17934, 17936, 18982)

Critical Vulnerability Information Vulnerability Overview CVSS v3 Score: 9.8 Risk Level: Remotely exploitable, requires low skill level Vendor: NUUO Affected Devices: CMS Software Management Platform Vulnerability Types: - Use of Insufficiently Random Values (CWE-330) - Use of Obsolete Functions (CWE-477) - Improper Permission Assignment for Critical Resources (CWE-732) - Use of Hard-coded Credentials (CWE-798) - Path Traversal (CWE-22) - Unrestricted Upload of Dangerous File Types (CWE-434) - SQL Injection (CWE-89) Affected Versions CMS 3.1 and later versions are affected Risk Assessment Successful exploitation of these vulnerabilities could lead to arbitrary remote code execution Technical Details Specific Vulnerabilities: - CVE-2018-17888: Use of Insufficiently Random Values - CVE-2018-17890: Use of Obsolete Functions - CVE-2018-17892: Improper Permission Assignment for Critical Resources - CVE-2018-17894: Use of Hard-coded Credentials - CVE-2018-17934: Path Traversal - CVE-2018-17936: Unrestricted Upload of Dangerous File Types - CVE-2018-18982: SQL Injection Deployment Regions and Affected Sectors Critical Infrastructure Sectors: Commercial Facilities, Financial Services, Government Facilities, Healthcare and Public Health, Transportation Systems Deployment Regions: Global Vendor Headquarters Location: Taiwan Vulnerability Discloser Pedro Ribeiro reported these vulnerabilities to NCCIC Mitigation Measures Upgrade to firmware v3.3 or the latest version Limit network exposure of control systems; ensure they are not directly exposed to the internet Place control system networks and remote devices behind firewalls, isolated from business networks When remote access is required, use secure methods such as Virtual Private Networks (VPN), ensuring they are up to date Conduct risk assessment and impact analysis before deploying protective measures

Goal Reached Thanks to every supporter — we hit 100%!

NUUO CMS Vulnerability Analysis: RCE via SQLi, Path Traversal, Hardcoded Credentials (CVE-2018-17888, 17890, 17892, 17894, 17934, 17936, 18982)