Page 4 of 71 results (0.007 seconds)

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 1

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4. Los dispositivos WatchGuard Firebox y XTM permiten a un atacante remoto no autenticado recuperar configuraciones confidenciales del servidor de autenticación mediante el envío de una petición maliciosa a los endpoints de autenticación expuestos. Esto ha sido corregido en Fireware OS versiones 12.8.1, 12.5.10 y 12.1.4. • https://www.ambionics.io/blog/hacking-watchguard-firewalls https://www.openwall.com/lists/oss-security/2022/08/30/2 https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00017 •

CVSS: 9.1EPSS: 0%CPEs: 60EXPL: 0

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. Los dispositivos WatchGuard Firebox y XTM permiten a un atacante remoto no autenticado eliminar archivos arbitrarios de un conjunto limitado de directorios en el sistema. Esta vulnerabilidad afecta a Fireware OS versiones anteriores a 12.7.2_U2, 12.x versiones anteriores a 12.1.3_U8, y 12.2.x hasta 12.5.x anteriores a 12.5.9_U2 • https://watchguard.com https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004 •

CVSS: 9.8EPSS: 83%CPEs: 13EXPL: 2

On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. En los dispositivos WatchGuard Firebox y XTM, un usuario no autenticado puede ejecutar código arbitrario, también conocido como FBX-22786. Esta vulnerabilidad afecta a Fireware OS antes de 12.7.2_U2, 12.x antes de 12.1.3_U8, y 12.2.x hasta 12.5.x antes de 12.5.9_U2 On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code. • https://github.com/h3llk4t3/Watchguard-RCE-POC-CVE-2022-26318 https://github.com/BabyTeam1024/CVE-2022-26318 https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html - •

CVSS: 8.8EPSS: 0%CPEs: 15EXPL: 0

An integer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to trigger a heap-based buffer overflow and potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. Un desbordamiento de enteros en los dispositivos WatchGuard Firebox y XTM permite a un atacante remoto autenticado desencadenar un desbordamiento de búfer basado en la pila y potencialmente ejecutar código arbitrario al iniciar una actualización de firmware con una imagen de actualización maliciosa. Esta vulnerabilidad afecta a Fireware OS versiones anteriores a 12.7.2_U2, versiones 12.x anteriores a 12.1.3_U8, y versiones 12.2.x hasta 12.5.x anteriores a 12.5.9_U2 • https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html • CWE-190: Integer Overflow or Wraparound •

CVSS: 6.5EPSS: 0%CPEs: 15EXPL: 0

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to retrieve certificate private keys. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. Los dispositivos WatchGuard Firebox y XTM permiten a un atacante remoto autenticado con credenciales no privilegiadas recuperar las claves privadas de los certificados. Esta vulnerabilidad afecta a Fireware OS versiones anteriores a 12.7.2_U2, versiones 12.x anteriores a 12.1.3_U8, y versiones 12.2.x hasta 12.5.x anteriores a 12.5.9_U2 • https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html •