WatchGuard Fireware vulnerabilities and exploits
6.5
CVSSv2
CVE-2022-25291
An integer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote malicious user to trigger a heap-based buffer overflow and potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fir...
Watchguard Fireware
Watchguard Fireware 12.1.3
Watchguard Fireware 12.5.9
Watchguard Fireware 12.7.2
6.5
CVSSv2
CVE-2022-25292
A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote malicious user to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS prior to 12.7....
Watchguard Fireware
Watchguard Fireware 12.1.3
Watchguard Fireware 12.7.2
Watchguard Fireware 12.5.9
6.5
CVSSv2
CVE-2022-25293
A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote malicious user to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS prior to 12.7....
Watchguard Fireware
Watchguard Fireware 12.1.3
Watchguard Fireware 12.7.2
Watchguard Fireware 12.5.9
6.5
CVSSv2
CVE-2022-25360
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. This vulnerability impacts Fireware OS prior to 12.7.2_U2, 12.x prior to 12.1.3_U8, and 12.2.x up to and including 12.5.x prior to 12...
Watchguard Fireware
Watchguard Fireware 12.1.3
Watchguard Fireware 12.5.9
Watchguard Fireware 12.7.2
9
CVSSv2
CVE-2022-23176
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS prior to 12.7.2_U1, 12.x prior to 12.1.3_U3, and 12.2.x up t...
Watchguard Fireware
Watchguard Fireware 12.5.7
Watchguard Fireware 12.1.3
Watchguard Fireware 12.7.2
4
CVSSv2
CVE-2022-25363
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to modify privileged management user credentials. This vulnerability impacts Fireware OS prior to 12.7.2_U2, 12.x prior to 12.1.3_U8, and 12.2.x up to and including 12.5.x p...
Watchguard Fireware
Watchguard Fireware 12.1.3
Watchguard Fireware 12.7.2
Watchguard Fireware 12.5.9
5
CVSSv2
CVE-2017-8056
WatchGuard Fireware v11.12.1 and previous versions mishandle requests referring to an XML External Entity (XXE) in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connec...
Watchguard Fireware
4.3
CVSSv2
CVE-2017-14615
An FBX-5313 issue exists in WatchGuard Fireware prior to 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user element, the code will be render...
Watchguard Fireware
7.8
CVSSv2
CVE-2017-14616
An FBX-5312 issue exists in WatchGuard Fireware prior to 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the fail...
Watchguard Fireware
5
CVSSv2
CVE-2017-8055
WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and previous versions returns different responses for valid and invalid usernames. An attacker co...
Watchguard Fireware