Nuuo · Nuuo Nvrmini · CVE-2018-14933
**Name of the Vulnerable Software and Affected Versions**
NUUO NVRmini devices (affected versions not specified)
**Description**
The issue allows for remote command execution via shell metacharacters in the `uploaddir` parameter for a "writeuploaddir" command in the "upgrade handle.php" file on NUUO NVRmini devices.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.