CVEbuzz logo
This website displays data collected from external sources, and is not responsible for any aspect of it. Read more...

Security / vulnerability advisories for Nat32 2.2

Titles listed in dictionary

CPE for product: cpe:2.3:a:nat32:nat32:2.2:*:*:*:*:*:*:*

Showing 1-2 of 2
Maximal damage 8.8
Easy to exploit
(other affected products) Published: Tue Feb 20 15:29:00 2018 UTC. Last Modified: Tue Mar 13 18:43:00 2018 UTC
CPE matches: cpe:2.3:a:nat32:nat32:2.2:*:*:*:*:*:*:*

Description

A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS.

Damage

Attack conditions

Damage and attack conditions obtained from CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (CVSSv3)

Type of bug(s)

References

Medium-low damage 6.1
Easy to exploit
(other affected products) Published: Tue Feb 20 15:29:00 2018 UTC. Last Modified: Mon Aug 24 17:37:00 2020 UTC
CPE matches: cpe:2.3:a:nat32:nat32:2.2:*:*:*:*:*:*:*

Description

A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF.

Damage

Attack conditions

Damage and attack conditions obtained from CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N (CVSSv3)

Type of bug(s)

References