📄 WatchGuard Firebox Default SSH Credentials

This is a python script to detect whether or not WatchGuard Firebox devices allow unauthorized access via default credentials admin:readwrite on port 4118. =============================================================================================================================================...

EUVD-2026-4118

An issue in Atomberg Atomberg Erica Smart Fan Firmware Version: V1.0.36 allows an attacker to obtain sensitive information and escalate privileges via a crafted deauth frame...

MiracleLinux 7 : openssh-7.4p1-21.el7 (AXSA:2019-4118:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4118:02 advisory. openssh: User enumeration via malformed packets in authentication requests CVE-2018-15473 Tenable has extracted the preceding description block directly from...

CVE-2009-4118

The StartServiceCtrlDispatcher function in the cvpnd service cvpnd.exe in Cisco VPN client for Windows before 5.0.06.0100 does not properly handle an ERRORFAILEDSERVICECONTROLLERCONNECT error, which allows local users to cause a denial of service service crash and VPN connection loss via a manual...

CVE-2025-59396

The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative access via SSH on port 4118 with the readwrite password for the admin account...

EUVD-2025-38053

The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative access via SSH on port 4118 with the readwrite password for the admin account...

CVE-2025-59396

Rejected reason: Not a security vulnerability...

CVE-2025-59396

...

CVE-2025-59396

...

PT-2025-45340

Name of the Vulnerable Software and Affected Versions WatchGuard Firebox versions through 2025-09-10 Description The default configuration of WatchGuard Firebox devices allows administrative access via SSH on port 4118 using the default 'readwrite' password for the 'admin' account. This allows...

CVE-2025-59396

CVE-2025-59396 is associated with a default-configuration vulnerability in WatchGuard Firebox devices. The exposed detail from connected documents shows that the default SSH port 4118 permits administrative access using the default admin:readwrite credentials, enabling unauthenticated remote cont...

📄 WatchGuard Firebox Default Credentials / SSH Access

The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative access via SSH on port 4118 using the default credentials. This configuration exposes the device to remote attackers who can gain full administrative access without prior authentication. CVE-2025-5939...

CVE-2011-4118

Mahara before 1.4.1, when MNet aka the Moodle network feature is used, allows remote authenticated users to gain privileges via a jump to an XMLRPC target...

CVE-2025-4118

A vulnerability classified as critical has been found in Weitong Mall 1.0.0. This affects an unknown part of the file /historyList of the component Product History Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls. It is possible to initiate the...

CVE-2025-4118

A vulnerability classified as critical has been found in Weitong Mall 1.0.0. This affects an unknown part of the file /historyList of the component Product History Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls. It is possible to initiate the...

CVE-2025-4118

creationtimestamp| type| source ---|---|--- 2025-04-30 14:13:20+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14049 2025-04-30 17:55:23+00:00| seen| https://t.me/cvedetector/24121...

CVE-2025-4118

This CVE (CVE-2025-4118) affects Weitong Mall 1.0.0, specifically the Product History Handler’s historyList file. The root cause is manipulation of the isDelete parameter (input 1) leading to improper access controls, allowing a remote attack. Exploitation has been publicly disclosed. Practical i...

Linux Distros Unpatched Vulnerability : CVE-2013-4118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via unspecified vectors...

CVE-2022-4118

creationtimestamp| type| source ---|---|--- 2025-01-31 23:25:09+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3701...

SUSE SLES15: postgresql14 / postgresql14-contrib / postgresql14-devel / etc (SUSE-SU-2024:4118-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4118-1 advisory. - CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level...