{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-25T07:28:54.364","vulnerabilities":[{"cve":{"id":"CVE-2018-17936","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2018-11-27T20:29:00.893","lastModified":"2024-11-21T03:55:14.620","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution."},{"lang":"es","value":"NUUO CMS, en todas las versiones 3.3 y anteriores, la aplicación permite la subida de archivos arbitrarios que pueden modificar o sobrescribir los archivos de configuración en el servidor, lo que podría permitir la ejecución remota de código."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nuuo:nuuo_cms:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3","matchCriteriaId":"6CA98D66-DA8F-4599-907C-4788E7940539"}]}]}],"references":[{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02","source":"ics-cert@hq.dhs.gov","tags":["Mitigation","Third Party Advisory","US Government Resource"]},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Third Party Advisory","US Government Resource"]}]}}]}