Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2018-10578

Published: 02/05/2018 Updated: 13/06/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Watchguard

Vulnerability Summary

An issue exists on WatchGuard AP100, AP102, and AP200 devices with firmware prior to 1.2.9.15, and AP300 devices with firmware prior to 2.0.0.10. Incorrect validation of the "old password" field in the change password form allows an malicious user to bypass validation of this field.

Vulnerable Product Search on Vulmon Subscribe to Product

watchguard ap200_firmware

watchguard ap102_firmware

watchguard ap100_firmware

watchguard ap300_firmware

Exploits

Exploit DB: Watchguard Hard-Coded Credentials / Failed Controls
WatchGuard Access Points running firmware before version 12915 suffer from hard-coded credential, hidden authentication, file upload, and incorrect validation vulnerabilities ...

References

CWE-20http://seclists.org/fulldisclosure/2018/May/12https://nvd.nist.govhttps://packetstormsecurity.com/files/147468/Watchguard-Hard-Coded-Credentials-Failed-Controls.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook