NUUO Network Video Recorder Firmware 1.7.x through 3.3.x allows unauthenticated attackers to execute arbitrary commands via shell metacharacters to handle_load_config.php.
network_video_recorder_firmware
CVE-2022-25521
NUUO v03.11.00 was discovered to contain access control issue.