CVSS: 9.1EPSS: 0%CPEs: 60EXPL: 0CVE-2022-25361
https://notcve.org/view.php?id=CVE-2022-25361
WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. Los dispositivos WatchGuard Firebox y XTM permiten a un atacante remoto no autenticado eliminar archivos arbitrarios de un conjunto limitado de directorios en el sistema. Esta vulnerabilidad afecta a Fireware OS versiones anteriores a 12.7.2_U2, 12.x versiones anteriores a 12.1.3_U8, y 12.2.x hasta 12.5.x anteriores a 12.5.9_U2 • https://watchguard.com https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004 •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 1CVE-2008-1618
https://notcve.org/view.php?id=CVE-2008-1618
The PPTP VPN service in Watchguard Firebox before 10, when performing the MS-CHAPv2 authentication handshake, generates different error codes depending on whether the username is valid or invalid, which allows remote attackers to enumerate valid usernames. El servicio PPTP VPN en Watchguard Firebox versiones anteriores a 10, al realizar la negociación de autenticación MS-CHAPv2, genera diferentes códigos de error dependiendo de si el nombre de usuario es válido o no válido, lo que permite a los atacantes remotos enumerar nombres de usuario comprobados. • http://secunia.com/advisories/29708 http://www.mwrinfosecurity.com/publications/mwri_watchguard-firebox-pptp-vpn-user-enumeration-advisory_2008-04-04.pdf http://www.osvdb.org/44218 http://www.securityfocus.com/bid/28619 http://www.securitytracker.com/id?1019796 http://www.vupen.com/english/advisories/2008/1152/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41683 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 3%CPEs: 9EXPL: 0CVE-2002-1519
https://notcve.org/view.php?id=CVE-2002-1519
Format string vulnerability in the CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the password parameter. Vulnerabilidad de cadena de formato en el interfaz CLI de Watchguard Firebox Vclass 3.2 y anteriores, RSSA Appliance 3.0.2 permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario mediante especificadores de cadenas de formateo en el parámetro de contraseña. • http://archives.neohapsis.com/archives/bugtraq/2002-09/0325.html http://archives.neohapsis.com/archives/bugtraq/2002-09/0335.html http://www.iss.net/security_center/static/10217.php http://www.osvdb.org/4924 http://www.securityfocus.com/bid/5814 •
CVSS: 10.0EPSS: 1%CPEs: 9EXPL: 0CVE-2002-1520
https://notcve.org/view.php?id=CVE-2002-1520
The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not properly close the SSH connection when a -N option is provided during authentication, which allows remote attackers to access CLI with administrator privileges. El interfaz CLI de WatchGuard Firebox Vclass 3.2 y anteriores, y RSSA Appliance 3.0.2 no cierra adecuadamente la conexión SSH cuando se provee una opción -N durante autenticación, lo que permite a atacantes remotos acceder a CLI con privilegios de administrador • http://archives.neohapsis.com/archives/bugtraq/2002-09/0325.html http://archives.neohapsis.com/archives/bugtraq/2002-09/0335.html http://www.iss.net/security_center/static/10218.php http://www.osvdb.org/4831 http://www.securityfocus.com/bid/5815 •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 1CVE-2002-1046
https://notcve.org/view.php?id=CVE-2002-1046
Dynamic VPN Configuration Protocol service (DVCP) in Watchguard Firebox firmware 5.x.x allows remote attackers to cause a denial of service (crash) via a malformed packet containing tab characters to TCP port 4110. • http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0012.html http://www.iss.net/security_center/static/9509.php http://www.securityfocus.com/bid/5186 •