Remote Code Execution Vulnerability in NAT32 v2.2 Build 22284 Devices

Remote Code Execution Vulnerability in NAT32 v2.2 Build 22284 Devices

CVE-2018-6941 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS.

Learn more about our Web Application Penetration Testing UK.