
I think I understand what GP is saying; if you manage to get a packet to the internet port of the NAT router with a destination IP of e.g. 192.168.0.123, and the NAT router is running a generic IPv4 routing stack, it will dutifully route it to the internal network.

This can be done by compromising another host on the same link. It can also be done if anything on the same link (including the router itself) is running an improperly configured tunneling setup that lets the attacker send e.g. an IP-in-IP packet that gets unwrapped. The NAT has made it much harder to get a packet establishing an inbound connection to the router, but doesn't actually prevent the establishment of a connection should such a packet get there.

Compare to a default-deny firewall with public addresses on the LAN. Any inbound connections will be dropped, by definition; the lack of NAT makes it trivial to get a packet to the firewall itself, but once it's there, it won't get through.
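To make the distinction concrete, here is an added nftables example (mine, not from the commenter) showing the two router configurations side by side: a NAT-only box whose forward path is wide open, and the same box with a default-deny forward chain plus an explicit rule that discards anything arriving on the WAN side addressed to private (RFC 1918) space. Interface names `wan0` and `lan0` and the `192.168.0.0/24` LAN prefix are assumptions for the example; adjust them to the actual router.

```nft
# --- Weak: "NAT is my firewall" ---
# Only masquerading is configured. The forward hook has no rules at all,
# so the kernel's default (accept) applies: any packet that reaches wan0
# with a destination inside the LAN is routed straight through, exactly
# as described in the comment above.
table ip nat {
    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        oifname "wan0" masquerade
    }
}

# --- Corrected: stateful default-deny forwarding, NAT kept for address sharing ---
table inet filter {
    # Private ranges that must never be the destination of a packet
    # entering from the internet side (assumed LAN is 192.168.0.0/24).
    set rfc1918 {
        type ipv4_addr
        flags interval
        elements = { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 }
    }

    chain forward {
        type filter hook forward priority filter; policy drop;

        # Replies to connections the LAN initiated are allowed back in.
        ct state established,related accept

        # Anything from the internet addressed to private space is a martian:
        # drop it before it can ever be routed toward lan0. This covers the
        # "packet somehow arrived at the WAN port" case regardless of how.
        iifname "wan0" ip daddr @rfc1918 counter drop

        # LAN hosts may open outbound connections.
        iifname "lan0" oifname "wan0" ct state new accept

        # Everything else hits the chain policy: drop.
    }

    chain input {
        type filter hook input priority filter; policy drop;
        ct state established,related accept
        iifname "lo" accept
        # Management only from the LAN side; the WAN port gets nothing new.
        iifname "lan0" accept
    }
}

table ip nat {
    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        oifname "wan0" masquerade
    }
}
```

Load the corrected ruleset with `nft -f <file>` and check `nft list ruleset` afterwards; the `counter` on the martian rule is useful for verifying that such packets are actually showing up on the WAN side (and being dropped) rather than assuming they never can. The point is the one the comment makes: with the second ruleset, getting a packet to the router no longer matters, because the forward decision is made by policy rather than by whatever the routing table happens to contain.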




