Fireware Security Vulnerabilities and Issues — Fireware CVE List

Lucene search

WatchguardFireware

3 matches found

CVE•added 2022/09/06 7:15 p.m.•50 views

CVE-2022-31792

A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fix...

5.4CVSS5.2AI score0.00201EPSS

CVE•added 2017/04/22 10:59 p.m.•44 views

CVE-2017-8055

WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and earlier returns different responses for valid and invalid usernames. An attacker could exploit this vulnerabilit...

5.3CVSS5.3AI score0.00292EPSS

CVE•added 2017/04/22 10:59 p.m.•40 views

CVE-2017-8056

WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new authe...

5.3CVSS5.2AI score0.16308EPSS