Main
Vulnerability Database
Exploits
ID:6270 - Exploit for Command injection in NAT32 - CVE-2018-6940
ID:6270 - Exploit for Command injection in NAT32 - CVE-2018-6940
Published: June 17, 2021
Vulnerability identifier: #VU10653
Vulnerability risk: High
CVE-ID: CVE-2018-6940
CWE-ID: CWE-77
Exploitation vector: Remote access
Vulnerable software:
NAT32
NAT32
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to execute arbitrary command on the target system.
The weakness exists due to an error within the Password Checking feature. An attacker can disable Password Checking, inject and execute arbitrary commands.
The weakness exists due to an error within the Password Checking feature. An attacker can disable Password Checking, inject and execute arbitrary commands.
Remediation
Cybersecurity is currently unaware of any solutions addressing the vulnerability.