19 matches found
CVE-2022-31789
An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...
EUVD-2022-29979
Malicious code in bioql PyPI...
EUVD-2022-30032
Malicious code in bioql PyPI...
EUVD-2022-30031
Malicious code in bioql PyPI...
CVE-2022-25293
A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8...
CVE-2022-25360
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8, and 12.2.x through 12.5.x before 12.5.9U2...
CVE-2022-25292
A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8...
WatchGuard XTM Firebox Unauthenticated Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModule 'WatchGuard XTM Firebox Unauthenticated Remote Command Execution', 'Description' = %q This module exploits a buffer overflow at the...
CVE-2022-31792
A stored cross-site scripting XSS vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fix...
Cross site scripting
A stored cross-site scripting XSS vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fix...
CVE-2022-31789
WatchGuard Firebox and XTM appliances are affected by an integer overflow that can trigger a buffer overflow via requests to exposed management ports, allowing an unauthenticated remote attacker to potentially execute arbitrary code. The issue is documented across multiple sources (NVD/Red Hat/NC...
PT-2022-20937 · Watchguard · Fireware Os +2
Name of the Vulnerable Software and Affected Versions: WatchGuard Firebox and XTM appliances versions prior to 12.1.4 WatchGuard Firebox and XTM appliances versions prior to 12.5.10 WatchGuard Firebox and XTM appliances versions prior to 12.8.1 Description: A stored cross-site scripting XSS issue...
PT-2022-3467 · Watchguard · Watchguard Fireware
Name of the Vulnerable Software and Affected Versions: WatchGuard Fireware OS versions prior to 12.1.4 WatchGuard Fireware OS versions prior to 12.5.10 WatchGuard Fireware OS versions prior to 12.8.1 Description: An argument injection issue in the diagnose and import pac commands allows an...
CVE-2022-26318
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8, and 12.2.x through 12.5.x before 12.5.9U2...
CVE-2022-26318
This CVE (CVE-2022-26318) affects WatchGuard XTM/Firebox appliances running Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2, enabling unauthenticated remote code execution via the admin interface. Technical details in connected docs show in-the-wild...
CVE-2022-25293
A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8...
Stack overflow
A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8...
Design/Logic Flaw
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2U1, 12.x before 12.1.3U3, and 12.2.x through 12.5.x before...
PT-2022-17241 · Watchguard · Watchguard Firebox +1
Name of the Vulnerable Software and Affected Versions: WatchGuard Firebox and XTM appliances versions prior to 12.1.3 U8 WatchGuard Firebox and XTM appliances versions 12.2.x through 12.5.x before 12.5.9 U2 WatchGuard Firebox and XTM appliances versions prior to 12.7.2 U2 Description: The issue...