Lucene search
K

6 matches found

NVD
NVD
added 2018/02/20 3:29 p.m.15 views

CVE-2018-6941

A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS...

8.8CVSS9.1AI score0.03544EPSS
Exploits5References3
CVE
CVE
added 2018/02/20 3:0 p.m.55 views

CVE-2018-6941

CVE-2018-6941 describes a CSRF vulnerability in NAT32 v2.2 Build 22284 HTTPD that can enable Remote Code Execution when an authenticated NAT32 user visits a malicious link or page. Public writeups/PoCs (e.g., Exploit-DB, PacketStorm) illustrate a payload like /shell?cmd= and document that no chec...

8.8CVSS9AI score0.03544EPSS
Exploits5References3Affected Software1
0day.today
0day.today
added 2018/02/14 12:0 a.m.27 views

NAT32 2.2 Build 22284 - Cross-Site Request Forgery Vulnerability

Exploit for windows platform in category web applications + Credits: hyp3rlinx Vendor: ============= www.nat32.com Product: =========== NAT32 Build 22284 NAT32® is a versatile IP Router implemented as a WIN32 application. Vulnerability Type: =================== Remote Command Execution CSRF CVE...

6.8CVSS0.03544EPSS
Exploits5
exploitpack
exploitpack
added 2018/02/14 12:0 a.m.21 views

NAT32 2.2 Build 22284 - Cross-Site Request Forgery

NAT32 2.2 Build 22284 - Cross-Site Request Forgery + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CSRF-CVE-2018-6941.txt + ISR: Apparition Security -- D1rty0tis Vendor: ============= www.nat32.com Produc...

6.8CVSS0.6AI score0.03544EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/02/14 12:0 a.m.36 views

NAT32 Build 22284 Remote Command Execution / CSRF

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CSRF-CVE-2018-6941.txt + ISR: Apparition Security -- D1rty0tis Vendor: ============= www.nat32.com Product: =========== NAT32 Build 22284 NAT32r is a...

8.7AI score0.03544EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/14 12:0 a.m.79 views

NAT32 2.2 Build 22284 - Cross-Site Request Forgery

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CSRF-CVE-2018-6941.txt + ISR: Apparition Security -- D1rty0tis Vendor: ============= www.nat32.com Product: =========== NAT32 Build 22284 NAT32® is a...

8.8CVSS8.8AI score0.03544EPSS
Exploits5
Rows per page
Query Builder