#VU10651 Cross-site request forgery in NAT32 - CVE-2018-6941

Cybersecurity Help s.r.o.

Published: 2018-02-19 | Updated: 2021-06-17

Vulnerability identifier: #VU10651

Vulnerability risk: Low

CVSSv4.0: 2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2018-6941

CWE-ID: CWE-352

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
NAT32
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: NAT Software

Description
The vulnerability allows a remote unauthorized attacker to perform CSRF attack.

The weakness exists due to improper validation of user-supplied input by the HTTPD component. A remote attacker can create a specially crafted HTTP request, trick the victim into visiting it, perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.

Mitigation
Cybersecurity is currently unaware of any solutions addressing the vulnerability.

Vulnerable software versions

NAT32: 2.2

External links
https://www.exploit-db.com/exploits/44034/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Multiple vulnerabilities in NAT32