Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
watchguard vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-1417
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in WatchGuard AuthPoint Password Manager on MacOS allows an a adversary with local access to execute code under the context of the AuthPoint Password Manager application. T...
7.8
CVSSv3
CVE-2023-26236
An issue exists in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on Windows by sending a crafted message to a named pipe.
Watchguard Epp Firmware
Watchguard Edr Firmware
Watchguard Epdr Firmware
Watchguard Panda Ad360 Firmware
6.7
CVSSv3
CVE-2023-26237
An issue exists in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM.
Watchguard Epp Firmware
Watchguard Edr Firmware
Watchguard Epdr Firmware
Watchguard Panda Ad360 Firmware
5.5
CVSSv3
CVE-2023-26238
An issue exists in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe.
Watchguard Epp Firmware
Watchguard Edr Firmware
Watchguard Epdr Firmware
Watchguard Panda Ad360 Firmware
5.5
CVSSv3
CVE-2023-26239
An issue exists in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user.
Watchguard Epp Firmware
Watchguard Edr Firmware
Watchguard Epdr Firmware
Watchguard Panda Ad360 Firmware
6.5
CVSSv3
CVE-2023-37849
A DLL hijacking vulnerability in Panda Security VPN for Windows prior to version v15.14.8 allows malicious users to execute arbitrary code via placing a crafted DLL file in the same directory as PANDAVPN.exe.
Watchguard Panda Security Vpn
9.8
CVSSv3
CVE-2022-31789
An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote malicious user to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.1...
Watchguard Fireware 12.8.0
Watchguard Fireware 12.7.2
Watchguard Fireware 12.7.1
Watchguard Fireware 12.7.0
Watchguard Fireware 12.6.3
Watchguard Fireware 12.6.4
Watchguard Fireware 12.6.1
Watchguard Fireware
7.8
CVSSv3
CVE-2022-31791
WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.
Watchguard Fireware 12.8.0
Watchguard Fireware 12.7.2
Watchguard Fireware 12.7.1
Watchguard Fireware 12.7.0
Watchguard Fireware 12.6.3
Watchguard Fireware 12.6.4
Watchguard Fireware 12.6.1
Watchguard Fireware
5.4
CVSSv3
CVE-2022-31792
A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management...
Watchguard Fireware 12.8.0
Watchguard Fireware 12.7.2
Watchguard Fireware 12.7.1
Watchguard Fireware 12.7.0
Watchguard Fireware 12.6.3
Watchguard Fireware 12.6.4
Watchguard Fireware 12.6.1
Watchguard Fireware
7.5
CVSSv3
CVE-2022-31790
WatchGuard Firebox and XTM appliances allow an unauthenticated remote malicious user to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.
Watchguard Fireware 12.8.0
Watchguard Fireware 12.7.2
Watchguard Fireware 12.7.1
Watchguard Fireware 12.7.0
Watchguard Fireware 12.6.3
Watchguard Fireware 12.6.4
Watchguard Fireware 12.6.1
Watchguard Fireware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »