EUVD-2017-6117

Malware in sbrugna...

WatchGuard XTM Firebox Unauthenticated Remote Command Execution Exploit

This Metasploit module exploits a buffer overflow at the administration interface 8080 or 4117 of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This...

WatchGuard XTM Firebox Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModule 'WatchGuard XTM Firebox Unauthenticated Remote Command Execution', 'Description' = %q This module exploits a buffer overflow at the...

WatchGuard XTM Firebox Unauthenticated Remote Command Execution

This module exploits a buffer overflow at the administration interface 8080 or 4117 of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This vulnerability impac...

WatchGuard Firebox 缓冲区错误漏洞

Watchguard WatchGuard Fireware is a firewall operating system from WatchGuard Watchguard USA. The system supports intrusion prevention, spam filtering, SSL VPN, and other features. The WatchGuard Firebox suffers from a buffer error vulnerability that stems from a wgagent stack-based buffer overfl...

WatchGuard Fireware Denial of Service Vulnerability (CNVD-2017-35372)

WatchGuard Fireware XTM is a firewall appliance from WatchGuard, Inc. that provides intrusion protection, spam filtering, SSL VPN, and more through intelligent layering technology.WatchGuard Fireware is the firmware of... A security vulnerability exists in versions of WatchGuard Fireware prior to...

CVE-2017-14616

An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the failed login...

Design/Logic Flaw

An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the failed login...

CVE-2017-14616

An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the failed login...

CVE-2017-14616

WatchGuard Fireware before 12.0 is affected by CVE-2017-14616. The issue occurs in the XML-RPC login flow: sending an XML message with an empty member element causes the wgagent to crash, logging out any active UI session and, with repeated failed logins, making UI management unusable. Affected p...

CVE-2017-8056

WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity XXE, in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new...

Buffer overflow

Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long sessionid value in a cookie...

CVE-2013-6021

CVE-2013-6021 is a stack-based buffer overflow in WGagent used by WatchGuard WSM/Fireware before 11.8, caused by processing a crafted, oversized sessionid in cookies. This vulnerability enables remote code execution with network access, as attackers can exploit the cookie parsing to overflow the ...