111 matches found
CVE-2022-25293
A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8...
CVE-2022-25292
CVE-2022-25292 corresponds to a stack-based buffer overflow in WatchGuard’s wgagent component used by Firebox and XTM appliances. The vulnerability allows an authenticated remote attacker to execute arbitrary code by initiating a firmware update with a malicious upgrade image. Affected versions i...
CVE-2022-25292
A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8...
CVE-2022-25360
CVE-2022-25360 affects WatchGuard Firebox and XTM appliances running Fireware OS. An authenticated remote attacker with unprivileged credentials can upload files to arbitrary locations. Affected versions include Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before...
CVE-2022-25360
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8, and 12.2.x through 12.5.x before 12.5.9U2...
CVE-2022-23176
CVE-2022-23176 affects WatchGuard Firebox and XTM appliances running Fireware OS. The vulnerability allows a remote attacker with unprivileged credentials to access the system with a privileged management session through exposed management access. Affected versions include Fireware OS before 12.7...
CVE-2022-23176
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2U1, 12.x before 12.1.3U3, and 12.2.x through 12.5.x before...
PT-2022-17241 · Watchguard · Watchguard Firebox +1
Name of the Vulnerable Software and Affected Versions: WatchGuard Firebox and XTM appliances versions prior to 12.1.3 U8 WatchGuard Firebox and XTM appliances versions 12.2.x through 12.5.x before 12.5.9 U2 WatchGuard Firebox and XTM appliances versions prior to 12.7.2 U2 Description: The issue...
PT-2022-17190 · Watchguard · Fireware Os +2
Name of the Vulnerable Software and Affected Versions: WatchGuard Firebox and XTM appliances Fireware OS versions prior to 12.7.2 U2 WatchGuard Firebox and XTM appliances Fireware OS versions 12.x prior to 12.1.3 U8 WatchGuard Firebox and XTM appliances Fireware OS versions 12.2.x through 12.5.x...
CVE-2022-23176
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2U1, 12.x before 12.1.3U3, and 12.2.x through 12.5.x before...
CVE-2014-6413
A Cross-site Scripting XSS vulnerability exists in WatchGuard XTM 11.8.3 via the pollname parameter in the firewall/policy script...
Cross site scripting
A Cross-site Scripting XSS vulnerability exists in WatchGuard XTM 11.8.3 via the pollname parameter in the firewall/policy script...
CVE-2014-6413
A Cross-site Scripting XSS vulnerability exists in WatchGuard XTM 11.8.3 via the pollname parameter in the firewall/policy script...
CVE-2014-6413
WatchGuard XTM 11.8.3 is affected by CVE-2014-6413, a Cross-site Scripting (XSS) flaw exploitable via the poll_name parameter in the firewall/policy script. Affects the product as described in NVD entries; CVSS base scores: 4.3 (NVD CVSS2) and 6.1 (CVSS3.1) with network attack vector, low attack ...
Watchguard Firebox / XTM XML-RPC Empty Member Denial Of Service
Watchguardas Firebox and XTM are a series of enterprise grade network security appliances providing advanced security services like next generation firewall, intrusion prevention, malware detection and blockage and others. Two vulnerabilities were discovered affecting the XML-RPC interface of the...
Watchguard Firebox / XTM XXE Injection
Watchguardas Firebox and XTM are a series of enterprise grade network security appliances providing advanced security services like next generation firewall, intrusion prevention, malware detection and blockage and others. Two vulnerabilities were discovered affecting the XML-RPC interface of the...
Watchguard Firebox / XTM XXE Injection Vulnerability
Watchguard's Firebox and XTM appliances suffer from XML external entity injection and XML-RPC user enumeration vulnerabilities. Watchguardas Firebox and XTM are a series of enterprise grade network security appliances providing advanced security services like next generation firewall, intrusion...
WatchGuard Fireware XTM < 11.12.1 Multiple Vulnerabilities
WatchGuard Fireware XMT Web UI is prone to multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
WatchGuard Fireware XTM Open Redirect Vulnerability
WatchGuard Fireware XTM is a firewall appliance from WatchGuard USA. An open redirection vulnerability exists in WatchGuard Fireware XTM versions prior to 11.10.7. The vulnerability can be exploited to redirect a user to an attacker-controlled website by constructing a malicious URI that entices...
Fireware XTM Web UI Open Redirect
================================================================ Fireware XTM Web UI - Open Redirect ================================================================ Information -------------------- Name: Fireware XTM Web UI - Open Redirect Affected Software : Fireware XTM Web UI Affected Version...