Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
watchguard vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1618
The PPTP VPN service in Watchguard Firebox prior to 10, when performing the MS-CHAPv2 authentication handshake, generates different error codes depending on whether the username is valid or invalid, which allows remote malicious users to enumerate valid usernames.
Watchguard Firebox Pptp Vpn 4.9
Watchguard Firebox Pptp Vpn 5.0
6.1
CVSSv3
CVE-2016-6154
The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).
Watchguard Fireware
6.1
CVSSv3
CVE-2019-18652
A DOM based XSS vulnerability has been identified on the WatchGuard XMT515 up to and including 12.1.3, allowing a remote malicious user to execute JavaScript in the victim's browser by tricking the victim into clicking on a crafted link. The payload was tested in Microsoft I...
Watchguard Xmt515 Firmware
7.8
CVSSv3
CVE-2016-7089
WatchGuard RapidStream appliances allow local users to gain privileges and execute arbitrary commands via a crafted ifconfig command, aka ESCALATEPLOWMAN.
Watchguard Rapidstream -
1 EDB exploit
7.5
CVSSv3
CVE-2017-14616
An FBX-5312 issue exists in WatchGuard Fireware prior to 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the fail...
Watchguard Fireware
5.3
CVSSv3
CVE-2017-8055
WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and previous versions returns different responses for valid and invalid usernames. An attacker co...
Watchguard Fireware
5.3
CVSSv3
CVE-2017-8056
WatchGuard Fireware v11.12.1 and previous versions mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connec...
Watchguard Fireware
6.1
CVSSv3
CVE-2017-14615
An FBX-5313 issue exists in WatchGuard Fireware prior to 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user element, the code will be render...
Watchguard Fireware
NA
CVE-2000-0783
Watchguard Firebox II allows remote malicious users to cause a denial of service by sending a malformed URL to the authentication service on port 4100.
Watchguard Firebox Ii
7.8
CVSSv3
CVE-2021-34998
This vulnerability allows local malicious users to escalate privileges on affected installations of Panda Security Free Antivirus 20.2.0.0. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The sp...
Watchguard Panda Antivirus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »