Watchguard

Fireware

51 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2022-25363

  • EPSS 0.18%
  • Veröffentlicht 24.02.2022 15:15:31
  • Zuletzt bearbeitet 21.11.2024 06:52:04

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to modify privileged management user credentials. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x th...

6.5

CVE-2022-25290

  • EPSS 0.14%
  • Veröffentlicht 24.02.2022 15:15:30
  • Zuletzt bearbeitet 21.11.2024 06:51:56

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to retrieve certificate private keys. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x...

9

CVE-2022-23176

Warnung
  • EPSS 9.57%
  • Veröffentlicht 24.02.2022 15:15:28
  • Zuletzt bearbeitet 03.11.2025 15:08:21

WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before ...

6.1

CVE-2016-6154

Exploit
  • EPSS 0.21%
  • Veröffentlicht 23.08.2019 22:15:11
  • Zuletzt bearbeitet 21.11.2024 02:55:33

The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).

7.8

CVE-2017-14616

Exploit
  • EPSS 0.83%
  • Veröffentlicht 20.09.2017 20:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI...

6.1

CVE-2017-14615

Exploit
  • EPSS 0.36%
  • Veröffentlicht 20.09.2017 20:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the u...

5.3

CVE-2017-8056

Exploit
  • EPSS 11.38%
  • Veröffentlicht 22.04.2017 22:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, includi...

5.3

CVE-2017-8055

Exploit
  • EPSS 0.29%
  • Veröffentlicht 22.04.2017 22:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and earlier returns different responses for valid and invalid usern...

4.3

CVE-2014-0338

Exploit
  • EPSS 3.29%
  • Veröffentlicht 16.03.2014 14:06:45
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in the firewall policy management pages in WatchGuard Fireware XTM before 11.8.3 allow remote attackers to inject arbitrary web script or HTML via the pol_name parameter.

4.3

CVE-2013-5702

  • EPSS 0.26%
  • Veröffentlicht 19.10.2013 10:36:08
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in WatchGuard WSM and Fireware before 11.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.