Dnyanesh Gawande
Mar 28, 2022


Use of Default Credentials for Unauthorised Remote Access to the Internal Panel of the NUUO Network Video Recorder

👨🏼‍💻Discovered by Dnyanesh A. Gawande

📝Published on 24-03-2022.

📄Vulnerable version ≤ 1.0

🔗Vendor Homepage: https://nuuo.com/

CVE ID: CVE-2022-25521 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25521)

Bug Description:

A vulnerability in the NUUO web network video recorder interface, version 1.0 and below, could allow an unauthenticated remote user to access a sensitive part of the system with a high-privileged account.

This vulnerability is due to the presence of a default account with the default username “admin” and default password “admin”. An attacker could exploit this vulnerability by using this default account to connect to the affected system. A successful exploit could allow the attacker to obtain read and write access to system data, including the configuration of the affected devices. The attacker would gain access to a sensitive portion of the system and have full administrative rights to control the device, which increases the severity of the vulnerability.

Attack Vector:

A malicious attacker could exploit this vulnerability by remotely logging in to an affected system using the default credentials.

Steps to Reproduce:

1. Go to the NUUO admin panel.

2. Enter the username “admin” and the password “admin” and click Log in.

3. Once redirected to the administrative panel of the video recorder, you can read and control the device and change its configuration remotely.
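To show the bug class from the defender's side, the following added Python model (not NUUO code; the account store, hashing scheme and route names are constructed here, and only the “admin”/“admin” default comes from the advisory) contrasts a login that accepts a factory default indefinitely with one that forces a password change on first use and rejects the vendor default as a new password.

```python
"""Model of an NVR admin-login flow: default-credential weakness and its fix.

Added illustration, not NUUO code. The account store, hashing scheme and
route names are constructed; only the "admin"/"admin" default is from the advisory.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass

VENDOR_DEFAULT = ("admin", "admin")  # default account named in the advisory


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class Account:
    username: str
    salt: bytes
    digest: bytes
    must_change: bool  # True while the factory default is still in place

    @classmethod
    def factory_default(cls) -> "Account":
        salt = os.urandom(16)
        return cls(VENDOR_DEFAULT[0], salt, _hash(VENDOR_DEFAULT[1], salt), True)

    def verify(self, password: str) -> bool:
        return hmac.compare_digest(self.digest, _hash(password, self.salt))


def login_vulnerable(acct: Account, user: str, pw: str) -> str:
    """Vulnerable behaviour: a valid default login gets the full admin panel."""
    if user == acct.username and acct.verify(pw):
        return "admin_panel"
    return "denied"


def login_hardened(acct: Account, user: str, pw: str) -> str:
    """Fix: the factory default only reaches a forced password-change step."""
    if user != acct.username or not acct.verify(pw):
        return "denied"
    return "change_password" if acct.must_change else "admin_panel"


def set_password(acct: Account, new_pw: str) -> bool:
    """Reject the vendor default, the username and short values, then clear must_change."""
    if new_pw.lower() in {VENDOR_DEFAULT[1], acct.username.lower()} or len(new_pw) < 12:
        return False
    acct.salt = os.urandom(16)
    acct.digest = _hash(new_pw, acct.salt)
    acct.must_change = False
    return True
```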

Proof of Concept:

Dork to Find

You can use the dork below to find affected devices. Be responsible before exploiting this bug.

Shodan: Nuuo

Thank you for reading :)
