
CVSS: 5.3 | EPSS: 0% | CPEs: 1 | EXPL: 2

WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new authenticated sessions until the process has recovered. The Firebox may also experience an overall degradation in performance while the wgagent process recovers. An attacker could continuously send XML-RPC requests that contain references to external entities to perform a limited Denial of Service (DoS) attack against an affected Firebox.

• http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000KlBSAU
• https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt
• https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia
• https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html
• CWE-611: Improper Restriction of XML External Entity Reference

CVSS: 7.8 | EPSS: 0% | CPEs: 1 | EXPL: 2

WatchGuard RapidStream appliances allow local users to gain privileges and execute arbitrary commands via a crafted ifconfig command, aka ESCALATEPLOWMAN.

• https://www.exploit-db.com/exploits/40270
• http://packetstormsecurity.com/files/138393/ESCALATEPLOWMAN-WatchGuard-Privilege-Escalation.html
• http://www.securityfocus.com/bid/92638
• https://www.secplicity.org/2016/08/16/nsa-equation-group-exploit-leak-mean
• CWE-264: Permissions, Privileges, and Access Controls

CVSS: 7.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda_URL_Filteringb.exe.

• https://www.exploit-db.com/exploits/39670
• http://packetstormsecurity.com/files/136607/Panda-Security-URL-Filtering-Privilege-Escalation.html
• http://seclists.org/fulldisclosure/2016/Apr/25
• CWE-276: Incorrect Default Permissions

CVSS: 7.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business products for Windows, uses a weak ACL for the Panda Security/WaAgent directory and sub-directories, which allows local users to gain SYSTEM privileges by modifying an executable module. Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player before 2.2.0 allows remote attackers to cause a denial of service (crash) via a crafted wav file, related to "seek across EOF".

• https://www.exploit-db.com/exploits/39671
• http://packetstormsecurity.com/files/136606/Panda-Endpoint-Administration-Agent-Privilege-Escalation.html
• http://seclists.org/fulldisclosure/2016/Apr/24
• CWE-276: Incorrect Default Permissions

CVSS: 7.5 | EPSS: 12% | CPEs: 2 | EXPL: 6

SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote attackers to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3.

• https://www.exploit-db.com/exploits/38346
• https://www.exploit-db.com/exploits/37440
• http://packetstormsecurity.com/files/132498/Watchguard-XCS-10.0-SQL-Injection-Command-Execution.html
• http://packetstormsecurity.com/files/133721/Watchguard-XCS-Remote-Command-Execution.html
• http://www.rapid7.com/db/modules/exploit/freebsd/http/watchguard_cmd_exec
• http://www.security-assessment.com/files/documents/advisory/Watchguard-XCS-final.pdf
• http://www.securityfocus.com/bid/75516
• http://www.watchguard.com/support
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')