CVE-2018-6941

A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in…

mitre·CWE-352·Published 2018-02-20

CVSS

—

EPSS

0.04

KEV

Exploits

cve.orgen

161 chars

A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS.

NVDen

161 chars

A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS.

NVDes

180 chars

Existe un problema de CSRF /shell?cmd= en el componente HTTPD de los dispositivos NAT32 v2.2 Build 22284 que puede ser explotado para ejecutar código de forma remota junto con XSS.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	8.8	2.8	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H