Loading
handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter.
Use CWE-20, Netgear vendor hub and Readynas Surveillance product page to widen CVE-2016-5675 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2016-5674, CVE-2016-11056 and CVE-2016-5680 for nearby disclosures in the same product family.