Main
Vulnerability Database
Exploits
ID:6269 - Exploit for Cross-site request forgery in NAT32 - CVE-2018-6941
ID:6269 - Exploit for Cross-site request forgery in NAT32 - CVE-2018-6941
Published: June 17, 2021
Vulnerability identifier: #VU10651
Vulnerability risk: Low
CVE-ID: CVE-2018-6941
CWE-ID: CWE-352
Exploitation vector: Remote access
Vulnerable software:
NAT32
NAT32
Link to public exploit:
Vulnerability description
The vulnerability allows a remote unauthorized attacker to perform CSRF attack.
The weakness exists due to improper validation of user-supplied input by the HTTPD component. A remote attacker can create a specially crafted HTTP request, trick the victim into visiting it, perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
The weakness exists due to improper validation of user-supplied input by the HTTPD component. A remote attacker can create a specially crafted HTTP request, trick the victim into visiting it, perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
Remediation
Cybersecurity is currently unaware of any solutions addressing the vulnerability.