NUUO Firmware Vulnerabilities Disclosed by Digital Defense, Inc. Researchers | Linux Today

NUUO Firmware Vulnerabilities Disclosed by Digital Defense, Inc. Researchers

Written By
DDi
Digital Defense, inc.
Nov 30, 2018

Digital Defense, Inc., a leading security technology and services provider, today announced that its Vulnerability Research Team (VRT) discovered a previously undisclosed vulnerability in NUUO NVRmini2 Network Video Recorder firmware. NVRmini2 firmware version 3.9.1 and prior is vulnerable to an unauthenticated remote buffer overflow that could potentially be leveraged by an attacker to execute arbitrary code on the system with root privileges. This could allow the attacker to access and/or modify the camera feeds to the NVR and change the configuration or recordings on the NVR.
What You Can Do
Information regarding the security fixes can be obtained through NUUO.

Details of the individual vulnerabilities can be found on the Digital Defense blog.

Tom DeSot, EVP/Chief Information Officer at Digital Defense, said, ???NUUO has worked closely with our VRT to ensure a fix is available to organizations utilizing the affected firmware. NUUO???s rapid response to the identification of the issue and collaboration has resulted in a quick resolution.???

Digital Defense Research Methodology and Practices
The Digital Defense VRT regularly works with organizations in the responsible disclosure of zero-day vulnerabilities. The expertise of the VRT when coupled with the company’s next generation hybrid cloud platform, Frontline Vulnerability Manager, enables early detection capabilities. When zero-days are discovered and internally validated, the VRT immediately contacts the affected vendor to notify the organization of the new finding(s) and then assists, wherever possible, with the vendor’s remediation actions.

About Digital Defense
Serving clients across numerous industries, Digital Defense’s innovative and leading-edge technology helps organizations safeguard sensitive data and eases the burdens associated with information security. Frontline.Cloud, the original Security SaaS platform, delivers unparalleled accuracy and efficiencies through multiple systems including Frontline Vulnerability Manager (Frontline VM???), Frontline Web Application Scanning (Frontline WAS???), Frontline Active Threat Sweep??? (Frontline ATS???) and Frontline Pen Test???, while SecurED??, the company’s security awareness training, promotes employees??? security-minded behavior. The Digital Defense Frontline suite of products, underpinned by patented technology and complemented with superior service and support, are highly-regarded by industry experts, as illustrated by the company’s designation as 2018 Global Vulnerability Management Customer Value Leadership Award, #10 ranking in Black Book Market Research’s list of Compliance & Risk Management Solutions, five-star review in SC Magazine, and inclusion in CRn’s MSP 500.

Contact Digital Defense at 888-273-1412; visit www.digitaldefense.com, our blog, LinkedIn, or follow @Digital_Defense on Twitter.

DDi

Digital Defense, inc.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.