21 matches found
EUVD-2018-18684
Malware in sbrugna...
EUVD-2018-18685
Malware in sbrugna...
NAT32 HTTPD Cross-Site Scripting Vulnerability
NAT32 is a network sharing application. A cross-site scripting vulnerability exists in the NAT32 HTTPD component, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code that can be used to obtain sensitive information or hijack a user session when...
CVE-2018-6940
A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF...
CVE-2018-6941
A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS...
Design/Logic Flaw
A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF...
CVE-2018-6940
A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF...
Cross site request forgery (csrf)
A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS...
CVE-2018-6941
A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS...
CVE-2018-6940
CVE-2018-6940 describes a Remote Command Execution risk in NAT32 v2.2 Build 22284 through the HTTPD interface. The vulnerability stems from a /shell?cmd= endpoint exposed on NAT32’s web UI ( port 8080 ) that could allow attackers to execute commands, potentially via CSRF as indicated by multiple ...
CVE-2018-6940
A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF...
CVE-2018-6941
A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS...
CVE-2018-6941
CVE-2018-6941 describes a CSRF vulnerability in NAT32 v2.2 Build 22284 HTTPD that can enable Remote Code Execution when an authenticated NAT32 user visits a malicious link or page. Public writeups/PoCs (e.g., Exploit-DB, PacketStorm) illustrate a payload like /shell?cmd= and document that no chec...
NAT32 2.2 Build 22284 - Cross-Site Request Forgery Vulnerability
Exploit for windows platform in category web applications + Credits: hyp3rlinx Vendor: ============= www.nat32.com Product: =========== NAT32 Build 22284 NAT32® is a versatile IP Router implemented as a WIN32 application. Vulnerability Type: =================== Remote Command Execution CSRF CVE...
NAT32 2.2 Build 22284 - Cross-Site Request Forgery
NAT32 2.2 Build 22284 - Cross-Site Request Forgery + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CSRF-CVE-2018-6941.txt + ISR: Apparition Security -- D1rty0tis Vendor: ============= www.nat32.com Produc...
NAT32 2.2 Build 22284 - Remote Command Execution
NAT32 2.2 Build 22284 - Remote Command Execution + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CVE-2018-6940.txt + ISR: Apparition Security -- D1rty0tis Vendor: ============= www.nat32.com Product:...
NAT32 2.2 Build 22284 - Cross-Site Request Forgery
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CSRF-CVE-2018-6941.txt + ISR: Apparition Security -- D1rty0tis Vendor: ============= www.nat32.com Product: =========== NAT32 Build 22284 NAT32® is a...
NAT32 2.2 Build 22284 - Remote Command Execution
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CVE-2018-6940.txt + ISR: Apparition Security -- D1rty0tis Vendor: ============= www.nat32.com Product: ================= NAT32 Build 22284 NAT32 is a...
NAT32 2.2 Build 22284 - Remote Command Execution Vulnerability
Exploit for windows platform in category web applications + Credits: hyp3rlinx Vendor: ============= www.nat32.com Product: ================= NAT32 Build 22284 NAT32 is a versatile IP Router implemented as a WIN32 application. Vulnerability Type: =================== Remote Command Execution CVE...
NAT32 Build 22284 Remote Command Execution / CSRF
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CSRF-CVE-2018-6941.txt + ISR: Apparition Security -- D1rty0tis Vendor: ============= www.nat32.com Product: =========== NAT32 Build 22284 NAT32r is a...