CVE-2018-6940

Published: 20/02/2018 Updated: 24/08/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nat32 nat32 2.2

[+] Credits: hyp3rlinx [+] Website: hyp3rlinxaltervistaorg [+] Source: hyp3rlinxaltervistaorg/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CVE-2018-6940txt [+] ISR: Apparition Security [-_-] D1rty0tis Vendor: ============= wwwnat32com Product: ================= NAT32 Build (22284) NAT32 is a versatile IP Router implemented as a ...

NAT32 Build 22284 suffers from a remote command execution vulnerability ...

CWE-352 CWE-79 https://www.exploit-db.com/exploits/44033/http://packetstormsecurity.com/files/146373/NAT32-Build-22284-Remote-Command-Execution.html http://hyp3rlinx.altervista.org/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CVE-2018-6940.txt http://www.securityfocus.com/archive/1/541777/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/44033/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-6940

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect