CVE-2025-1338 PoC — NUUO Camera handle_config.php print_file command injection

Associated Vulnerability
Title: NUUO Camera handle_config.php print_file command injection (CVE-2025-1338)
Description: A vulnerability was found in NUUO Camera up to 20250203. It has been declared as critical. This vulnerability affects the function print_file of the file /handle_config.php. The manipulation of the argument log leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Description
 This repository contains a proof-of-concept exploit script for CVE-2025-1338
Readme
# CVE-2025-1338
 This repository contains a proof-of-concept exploit script for CVE-2025-1338
1. Introduction to NUUO-Camera

NUUO camera is a network video recorder (NVR) produced by NUUO Company in Taiwan Province, China. It is widely used in many fields such as retail, transportation, education, government and banking.

2. Introduction to the vulnerability

NUUO Camera 20250203 and earlier is vulnerable to command injection through the `log` parameter of `handle_config.php` and `__debugging_center_utils___.php`.

- First inclusion: February 16, 2025
- Affected versions: version <= 20250203
- Vulnerability number: CVE-2025-1338
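
For defenders, the two paths and the `log` parameter named above are enough to hunt for injection attempts in web access logs. The following is an added example, not part of the original repository; it assumes `log` arrives in the query string, the server writes common log format, and a legitimate value is a plain file name. The sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Endpoints named in the vulnerability description above.
ENDPOINTS = ("/handle_config.php", "/__debugging_center_utils___.php")
# Assumption: a legitimate `log` value is a plain file name.
SAFE_LOG = re.compile(r"[A-Za-z0-9._-]{1,64}")
# Common/combined log format: client ... "METHOD target HTTP/x.y" status
REQUEST = re.compile(r'^(\S+) .*?"([A-Z]+) (\S+) HTTP/[\d.]+" (\d{3})')

def suspicious_log_values(target):
    """Return decoded `log` values in a request target that fail the allowlist."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith(ENDPOINTS):
        return []
    params = parse_qsl(parts.query, keep_blank_values=True)
    return [v for k, v in params if k == "log" and not SAFE_LOG.fullmatch(v)]

def scan(lines):
    """Return (client, status, value) for each flagged access-log line."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue  # not a parsable request line
        client, _method, target, status = m.groups()
        for value in suspicious_log_values(target):
            hits.append((client, int(status), value))
    return hits

# Constructed sample lines (documentation address ranges), not captured traffic.
SAMPLE = [
    '192.0.2.10 - - [16/Feb/2025:10:00:01 +0000] "GET /handle_config.php?log=system.log HTTP/1.1" 200 512',
    '198.51.100.7 - - [16/Feb/2025:10:00:05 +0000] "GET /handle_config.php?log=system.log%3Bid HTTP/1.1" 200 87',
    '198.51.100.7 - - [16/Feb/2025:10:00:06 +0000] "GET /__debugging_center_utils___.php?log=a%7Cuname HTTP/1.1" 200 64',
    '192.0.2.10 - - [16/Feb/2025:10:00:09 +0000] "GET /index.php?log=x%3Bid HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for client, status, value in scan(SAMPLE):
        print(f"{client} status={status} log={value!r}")
```

Access logs normally omit request bodies, so if the device accepts `log` in a POST body the same allowlist check has to run at a reverse proxy or WAF instead.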

3. Use

Example: `python CVE-2025-1338.py -f url.txt -t 100`

Parameter description:
- `-f / --file`: Required. Path to the file containing the list of target URLs (one URL per line, supports both http and https).
- `-t / --threads`: Optional. Number of concurrent threads for detection. Default value is 10 (it is recommended not to exceed 200).
- `-o / --output`: Optional. Path to the output file for saving results. Default file name is "nuao_rce_results.txt" (only saves targets with vulnerabilities).
- `-v / --version`: Optional. Displays the help information for the script (same function as --help).

File Snapshot

[4.0K] /data/pocs/ee74a243f26f0d72080dc93ba260339649b8135b
├── [6.4K] CVE-2025-1338.py
└── [1.2K] README.md

1 directory, 2 files