Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
watchguard vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-14615
An FBX-5313 issue exists in WatchGuard Fireware prior to 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user element, the code will be render...
Watchguard Fireware
5.9
CVSSv3
CVE-2017-8060
Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows a man-in-the-middle and/or physically proximate malicious user to silently intercept information sent during the login API call.
Watchguard Panda Mobile Security 1.1
5.5
CVSSv3
CVE-2023-26238
An issue exists in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe.
Watchguard Epp Firmware
Watchguard Edr Firmware
Watchguard Epdr Firmware
Watchguard Panda Ad360 Firmware
5.5
CVSSv3
CVE-2023-26239
An issue exists in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user.
Watchguard Epp Firmware
Watchguard Edr Firmware
Watchguard Epdr Firmware
Watchguard Panda Ad360 Firmware
5.5
CVSSv3
CVE-2017-8339
PSKMAD.sys in Panda Free Antivirus 18.0 allows local users to cause a denial of service (BSoD) via a crafted DeviceIoControl request to \\.\PSMEMDriver.
Watchguard Panda Antivirus 18.0
5.4
CVSSv3
CVE-2022-31792
A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management...
Watchguard Fireware 12.8.0
Watchguard Fireware 12.7.2
Watchguard Fireware 12.7.1
Watchguard Fireware 12.7.0
Watchguard Fireware 12.6.3
Watchguard Fireware 12.6.4
Watchguard Fireware 12.6.1
Watchguard Fireware
5.3
CVSSv3
CVE-2017-8055
WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and previous versions returns different responses for valid and invalid usernames. An attacker co...
Watchguard Fireware
5.3
CVSSv3
CVE-2017-8056
WatchGuard Fireware v11.12.1 and previous versions mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connec...
Watchguard Fireware
NA
CVE-2024-1417
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in WatchGuard AuthPoint Password Manager on MacOS allows an a adversary with local access to execute code under the context of the AuthPoint Password Manager application. T...
NA
CVE-2015-5452
SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote malicious users to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3.
Watchguard Xcs 9.2
Watchguard Xcs 10.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »