CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

111 matches found

RedhatCVE•added 2026/01/09 10:46 a.m.•4 views

CVE-2022-31789

An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...

9.8CVSS8.4AI score0.04037EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-0376

Malware in sbrugna...

4.3CVSS6.4AI score0.03286EPSS

Exploits2References7

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2014-6293

Malware in sbrugna...

6.1CVSS6.3AI score0.00419EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-30032

Malicious code in bioql PyPI...

9.1CVSS9.1AI score0.01092EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-30031

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00764EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-29979

Malicious code in bioql PyPI...

6.5CVSS6.7AI score0.00141EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 12:5 a.m.•5 views

CVE-2022-25293

A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8...

8.8CVSS8.2AI score0.05763EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:32 p.m.•4 views

CVE-2022-25360

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8, and 12.2.x through 12.5.x before 12.5.9U2...

8.8CVSS7.1AI score0.00764EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:47 p.m.•4 views

CVE-2022-25292

A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8...

8.8CVSS8.2AI score0.04947EPSS

Exploits0References1

CNNVD•added 2025/01/28 12:0 a.m.•2 views

WatchGuard Fireware OS 安全漏洞

WatchGuard Fireware OS is a software from WatchGuard USA that runs on a Firebox. A security vulnerability exists in WatchGuard Fireware OS. An attacker could exploit the vulnerability to upload or read files to arbitrary locations on WatchGuard Firebox and XTM devices using unprivileged credentia...

6.5CVSS8.6AI score0.00547EPSS

Exploits2References2

Packet Storm•added 2024/10/15 12:0 a.m.•315 views

WatchGuard XTM Firebox 12.5.x Buffer Overflow

============================================================================================================================================= | Title : WatchGuard XTM Firebox 12.5.x Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score

Exploits0

Rapid7 Blog•added 2024/04/05 6:59 p.m.•41 views

Metasploit Weekly Wrap-Up 04/05/2024

New ESC4 Templates for AD CS Metasploit added capabilities for exploiting the ESC family of flaws in AD CS in Metasploit 6.3. The ESC4 technique in particular has been supported for some time now thanks to the adcscerttemplates module which enables users to read and write certificate template...

7.5CVSS10AI score0.94466EPSS

Exploits51

0day.today•added 2024/04/01 12:0 a.m.•273 views

WatchGuard XTM Firebox Unauthenticated Remote Command Execution Exploit

This Metasploit module exploits a buffer overflow at the administration interface 8080 or 4117 of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This...

9.8CVSS10AI score0.92547EPSS

Exploits6

Packet Storm•added 2024/03/29 12:0 a.m.•818 views

WatchGuard XTM Firebox Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModule 'WatchGuard XTM Firebox Unauthenticated Remote Command Execution', 'Description' = %q This module exploits a buffer overflow at the...

9.8CVSS7AI score0.92547EPSS

Exploits6

NVD•added 2022/09/06 7:15 p.m.•7 views

CVE-2022-31789

9.8CVSS0.04037EPSS

Exploits0References1

NVD•added 2022/09/06 7:15 p.m.•15 views

CVE-2022-31791

WatchGuard Firebox and XTM appliances allow a local attacker that has already obtained shell access to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...

7.8CVSS0.00174EPSS

Exploits0References1

NVD•added 2022/09/06 7:15 p.m.•12 views

CVE-2022-31792

A stored cross-site scripting XSS vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fix...

5.4CVSS0.00216EPSS

Exploits0References1