Remote Code Execution Vulnerability in NAT32 v2.2 Build 22284 Devices

Remote Code Execution Vulnerability in NAT32 v2.2 Build 22284 Devices

CVE-2018-6940 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF.

Learn more about our Web Application Penetration Testing UK.