Vulmon
watchguard vulnerabilities and exploits
5
CVSSv2
CVE-2008-1618
The PPTP VPN service in Watchguard Firebox prior to 10, when performing the MS-CHAPv2 authentication handshake, generates different error codes depending on whether the username is valid or invalid, which allows remote malicious users to enumerate valid usernames.
Watchguard Firebox Pptp Vpn 4.9
Watchguard Firebox Pptp Vpn 5.0
5.8
CVSSv2
CVE-2016-6154
The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).
Watchguard Fireware
7.2
CVSSv2
CVE-2016-7089
WatchGuard RapidStream appliances allow local users to gain privileges and execute arbitrary commands via a crafted ifconfig command, aka ESCALATEPLOWMAN.
Watchguard Rapidstream -
1 EDB exploit
5
CVSSv2
CVE-2017-8055
WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and previous versions returns different responses for valid and invalid usernames. An attacker co...
Watchguard Fireware
4.3
CVSSv2
CVE-2017-14615
An FBX-5313 issue exists in WatchGuard Fireware prior to 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user element, the code will be render...
Watchguard Fireware
7.8
CVSSv2
CVE-2017-14616
An FBX-5312 issue exists in WatchGuard Fireware prior to 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the fail...
Watchguard Fireware
4.3
CVSSv2
CVE-2019-18652
A DOM based XSS vulnerability has been identified on the WatchGuard XMT515 up to and including 12.1.3, allowing a remote malicious user to execute JavaScript in the victim's browser by tricking the victim into clicking on a crafted link. The payload was tested in Microsoft I...
Watchguard Xmt515 Firmware
5
CVSSv2
CVE-2017-8056
WatchGuard Fireware v11.12.1 and previous versions mishandle requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connec...
Watchguard Fireware
5
CVSSv2
CVE-2000-0783
Watchguard Firebox II allows remote malicious users to cause a denial of service by sending a malformed URL to the authentication service on port 4100.
Watchguard Firebox Ii
5
CVSSv2
CVE-2001-0592
Watchguard Firebox II before 4.6 allows a remote malicious user to create a denial of service in the kernel via a large stream (>10,000) of malformed ICMP or TCP packets.
Watchguard Firebox Ii