Watchguard

Fireware

31 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2022-31792

  • EPSS 0.22%
  • Published 06.09.2022 19:15:08
  • Last modified 21.11.2024 07:05:20

A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted ...

7.8

CVE-2022-31791

  • EPSS 0.17%
  • Published 06.09.2022 19:15:08
  • Last modified 21.11.2024 07:05:19

WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.

9.8

CVE-2022-31789

  • EPSS 6.46%
  • Published 06.09.2022 19:15:08
  • Last modified 21.11.2024 07:05:19

An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fi...

7.5

CVE-2022-31790

Exploit
  • EPSS 0.99%
  • Published 06.09.2022 18:15:15
  • Last modified 21.11.2024 07:05:19

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and ...

9.1

CVE-2022-25361

  • EPSS 1.09%
  • Published 07.06.2022 14:15:09
  • Last modified 21.11.2024 06:52:04

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x throu...

9.8

CVE-2022-26318

Warning
  • EPSS 92.76%
  • Published 04.03.2022 18:15:08
  • Last modified 14.03.2025 19:59:55

On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.

6.5

CVE-2022-25363

  • EPSS 0.18%
  • Published 24.02.2022 15:15:31
  • Last modified 21.11.2024 06:52:04

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to modify privileged management user credentials. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x th...

8.8

CVE-2022-25360

  • EPSS 0.76%
  • Published 24.02.2022 15:15:31
  • Last modified 21.11.2024 06:52:04

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5...

8.8

CVE-2022-25293

  • EPSS 3.57%
  • Published 24.02.2022 15:15:31
  • Last modified 21.11.2024 06:51:56

A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fi...

8.8

CVE-2022-25292

  • EPSS 5.76%
  • Published 24.02.2022 15:15:31
  • Last modified 21.11.2024 06:51:56

A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fi...