A new research has demonstrated a technique that allows an attacker to bypass firewall protection and remotely access any TCP/UDP service on a victim machine. The method involves sending the target a link to a malicious site (or a legitimate site loaded with malicious ads) that, when visited, triggers the gateway to open any port on the victim, thereby circumventing browser-based port restrictions. The technique was carried out using a NetGear Nighthawk R7000 router running Linux kernel version 2.6.36.36.
Source: https://thehackernews.com/2020/11/new-natfirewall-bypass-attack-lets.html