11 matches found
CVE-2022-26318
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8, and 12.2.x through 12.5.x before 12.5.9U2...
Exploit for CVE-2022-26318
Watchguard-RCE-POC-CVE-2022-26318 PoC for Watc...
Metasploit Weekly Wrap-Up 04/05/2024
New ESC4 Templates for AD CS Metasploit added capabilities for exploiting the ESC family of flaws in AD CS in Metasploit 6.3. The ESC4 technique in particular has been supported for some time now thanks to the adcscerttemplates module which enables users to read and write certificate template...
WatchGuard XTM Firebox Unauthenticated Remote Command Execution Exploit
This Metasploit module exploits a buffer overflow at the administration interface 8080 or 4117 of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This...
WatchGuard XTM Firebox Unauthenticated Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModule 'WatchGuard XTM Firebox Unauthenticated Remote Command Execution', 'Description' = %q This module exploits a buffer overflow at the...
WatchGuard XTM Firebox Unauthenticated Remote Command Execution
This module exploits a buffer overflow at the administration interface 8080 or 4117 of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This vulnerability impac...
Watchguard Firebox and XTM Remote Code Execution (CVE-2022-26318)
A remote code execution vulnerability exists in Watchguard Firebox and XTM. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Exploit for CVE-2022-26318
watchguardcve-2022-26318 Watchguard RCE POC CVE-2022-26318...
CVE-2022-26318
creationtimestamp| type| source ---|---|--- 2022-03-04 20:30:20+00:00| seen| https://t.me/cibsecurity/38451 2022-03-27 12:55:05+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/1727 2022-04-15 00:32:33+00:00| published-proof-of-concept| https://t.me/thebugbountyhunter/6169 2022-04-17...
CVE-2022-26318
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8, and 12.2.x through 12.5.x before 12.5.9U2...
CVE-2022-26318
This CVE (CVE-2022-26318) affects WatchGuard XTM/Firebox appliances running Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2, enabling unauthenticated remote code execution via the admin interface. Technical details in connected docs show in-the-wild...