Lucene search
K

111 matches found

Cvelist
Cvelist
added 2022/02/24 4:55 a.m.30 views

CVE-2022-25293

A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8...

9.1AI score0.0203EPSS
Exploits0References2
CVE
CVE
added 2022/02/24 4:55 a.m.103 views

CVE-2022-25292

CVE-2022-25292 corresponds to a stack-based buffer overflow in WatchGuard’s wgagent component used by Firebox and XTM appliances. The vulnerability allows an authenticated remote attacker to execute arbitrary code by initiating a firmware update with a malicious upgrade image. Affected versions i...

8.8CVSS8.9AI score0.0203EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/02/24 4:55 a.m.18 views

CVE-2022-25292

A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8...

9.1AI score0.0203EPSS
Exploits0References2
CVE
CVE
added 2022/02/24 4:53 a.m.100 views

CVE-2022-25360

CVE-2022-25360 affects WatchGuard Firebox and XTM appliances running Fireware OS. An authenticated remote attacker with unprivileged credentials can upload files to arbitrary locations. Affected versions include Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before...

8.8CVSS8.6AI score0.01294EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/02/24 4:53 a.m.31 views

CVE-2022-25360

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8, and 12.2.x through 12.5.x before 12.5.9U2...

8.8AI score0.01294EPSS
Exploits0References1
CVE
CVE
added 2022/02/24 12:52 a.m.1235 views

CVE-2022-23176

CVE-2022-23176 affects WatchGuard Firebox and XTM appliances running Fireware OS. The vulnerability allows a remote attacker with unprivileged credentials to access the system with a privileged management session through exposed management access. Affected versions include Fireware OS before 12.7...

9CVSS8.4AI score0.13318EPSS
In wildExploits1References6Affected Software1
Cvelist
Cvelist
added 2022/02/24 12:52 a.m.44 views

CVE-2022-23176

WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2U1, 12.x before 12.1.3U3, and 12.2.x through 12.5.x before...

8.7AI score0.13318EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/02/24 12:0 a.m.4 views

PT-2022-17241 · Watchguard · Watchguard Firebox +1

Name of the Vulnerable Software and Affected Versions: WatchGuard Firebox and XTM appliances versions prior to 12.1.3 U8 WatchGuard Firebox and XTM appliances versions 12.2.x through 12.5.x before 12.5.9 U2 WatchGuard Firebox and XTM appliances versions prior to 12.7.2 U2 Description: The issue...

6.5CVSS6.4AI score0.00882EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/02/24 12:0 a.m.5 views

PT-2022-17190 · Watchguard · Fireware Os +2

Name of the Vulnerable Software and Affected Versions: WatchGuard Firebox and XTM appliances Fireware OS versions prior to 12.7.2 U2 WatchGuard Firebox and XTM appliances Fireware OS versions 12.x prior to 12.1.3 U8 WatchGuard Firebox and XTM appliances Fireware OS versions 12.2.x through 12.5.x...

8.8CVSS9AI score0.0203EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/02/24 12:0 a.m.71 views

CVE-2022-23176

WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2U1, 12.x before 12.1.3U3, and 12.2.x through 12.5.x before...

9CVSS5.3AI score0.13318EPSS
In wildExploits1References6
NVD
NVD
added 2020/02/07 4:15 p.m.20 views

CVE-2014-6413

A Cross-site Scripting XSS vulnerability exists in WatchGuard XTM 11.8.3 via the pollname parameter in the firewall/policy script...

6.1CVSS6AI score0.01249EPSS
Exploits1References4
Prion
Prion
added 2020/02/07 4:15 p.m.14 views

Cross site scripting

A Cross-site Scripting XSS vulnerability exists in WatchGuard XTM 11.8.3 via the pollname parameter in the firewall/policy script...

4.3CVSS6.2AI score0.01249EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2020/02/07 3:47 p.m.25 views

CVE-2014-6413

A Cross-site Scripting XSS vulnerability exists in WatchGuard XTM 11.8.3 via the pollname parameter in the firewall/policy script...

6AI score0.01249EPSS
Exploits1References4
CVE
CVE
added 2020/02/07 3:47 p.m.44 views

CVE-2014-6413

WatchGuard XTM 11.8.3 is affected by CVE-2014-6413, a Cross-site Scripting (XSS) flaw exploitable via the poll_name parameter in the firewall/policy script. Affects the product as described in NVD entries; CVSS base scores: 4.3 (NVD CVSS2) and 6.1 (CVSS3.1) with network attack vector, low attack ...

6.1CVSS6AI score0.01249EPSS
Exploits1References4Affected Software1
Packet Storm
Packet Storm
added 2017/09/19 12:0 a.m.86 views

Watchguard Firebox / XTM XML-RPC Empty Member Denial Of Service

Watchguardas Firebox and XTM are a series of enterprise grade network security appliances providing advanced security services like next generation firewall, intrusion prevention, malware detection and blockage and others. Two vulnerabilities were discovered affecting the XML-RPC interface of the...

5CVSS5.4AI score0.05076EPSS
Exploits2
Packet Storm
Packet Storm
added 2017/04/17 12:0 a.m.71 views

Watchguard Firebox / XTM XXE Injection

Watchguardas Firebox and XTM are a series of enterprise grade network security appliances providing advanced security services like next generation firewall, intrusion prevention, malware detection and blockage and others. Two vulnerabilities were discovered affecting the XML-RPC interface of the...

Exploits0
0day.today
0day.today
added 2017/04/17 12:0 a.m.54 views

Watchguard Firebox / XTM XXE Injection Vulnerability

Watchguard's Firebox and XTM appliances suffer from XML external entity injection and XML-RPC user enumeration vulnerabilities. Watchguardas Firebox and XTM are a series of enterprise grade network security appliances providing advanced security services like next generation firewall, intrusion...

7.5AI score
Exploits0
OpenVAS
OpenVAS
added 2017/03/13 12:0 a.m.207 views

WatchGuard Fireware XTM < 11.12.1 Multiple Vulnerabilities

WatchGuard Fireware XMT Web UI is prone to multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

8.1CVSS7.7AI score0.55724EPSS
Exploits0References2
CNVD
CNVD
added 2016/07/22 12:0 a.m.3 views

WatchGuard Fireware XTM Open Redirect Vulnerability

WatchGuard Fireware XTM is a firewall appliance from WatchGuard USA. An open redirection vulnerability exists in WatchGuard Fireware XTM versions prior to 11.10.7. The vulnerability can be exploited to redirect a user to an attacker-controlled website by constructing a malicious URI that entices...

6.8AI score
Exploits0References1
Packet Storm
Packet Storm
added 2016/03/29 12:0 a.m.30 views

Fireware XTM Web UI Open Redirect

================================================================ Fireware XTM Web UI - Open Redirect ================================================================ Information -------------------- Name: Fireware XTM Web UI - Open Redirect Affected Software : Fireware XTM Web UI Affected Version...

7.4AI score
Exploits0
Rows per page
Query Builder