Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
watchguard vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2008-1618
The PPTP VPN service in Watchguard Firebox prior to 10, when performing the MS-CHAPv2 authentication handshake, generates different error codes depending on whether the username is valid or invalid, which allows remote malicious users to enumerate valid usernames.
Watchguard Firebox Pptp Vpn 4.9
Watchguard Firebox Pptp Vpn 5.0
4.3
CVSSv2
CVE-2019-18652
A DOM based XSS vulnerability has been identified on the WatchGuard XMT515 up to and including 12.1.3, allowing a remote malicious user to execute JavaScript in the victim's browser by tricking the victim into clicking on a crafted link. The payload was tested in Microsoft I...
Watchguard Xmt515 Firmware
7.8
CVSSv2
CVE-2017-14616
An FBX-5312 issue exists in WatchGuard Fireware prior to 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the fail...
Watchguard Fireware
5.8
CVSSv2
CVE-2016-6154
The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).
Watchguard Fireware
4.3
CVSSv2
CVE-2017-14615
An FBX-5313 issue exists in WatchGuard Fireware prior to 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user element, the code will be render...
Watchguard Fireware
5
CVSSv2
CVE-2017-8055
WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and previous versions returns different responses for valid and invalid usernames. An attacker co...
Watchguard Fireware
5
CVSSv2
CVE-2017-8056
WatchGuard Fireware v11.12.1 and previous versions mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connec...
Watchguard Fireware
7.2
CVSSv2
CVE-2016-7089
WatchGuard RapidStream appliances allow local users to gain privileges and execute arbitrary commands via a crafted ifconfig command, aka ESCALATEPLOWMAN.
Watchguard Rapidstream -
1 EDB exploit
5
CVSSv2
CVE-2001-0592
Watchguard Firebox II before 4.6 allows a remote malicious user to create a denial of service in the kernel via a large stream (>10,000) of malformed ICMP or TCP packets.
Watchguard Firebox Ii
7.2
CVSSv2
CVE-2021-34998
This vulnerability allows local malicious users to escalate privileges on affected installations of Panda Security Free Antivirus 20.2.0.0. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The sp...
Watchguard Panda Antivirus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »