CVSS: 9.0EPSS: 4%CPEs: 8EXPL: 2CVE-2018-10577 – Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-10577
02 May 2018 — An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. File upload functionality allows any users authenticated on the web interface to upload files containing code to the web root, allowing these files to be executed as root. Se ha descubierto un problema en los dispositivos WatchGuard AP100, AP102 y AP200 con firmware en versiones anteriores a la 1.2.9.15 y en los dispositivos AP300 con firmware en versiones ant... • https://packetstorm.news/files/id/147468 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 1CVE-2018-10578 – Watchguard Hard-Coded Credentials / Failed Controls
https://notcve.org/view.php?id=CVE-2018-10578
02 May 2018 — An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. Incorrect validation of the "old password" field in the change password form allows an attacker to bypass validation of this field. Se ha descubierto un problema en los dispositivos WatchGuard AP100, AP102 y AP200 con firmware en versiones anteriores a la 1.2.9.15 y en los dispositivos AP300 con firmware en versiones anteriores a la 2.0.0.10. La validación del... • https://packetstorm.news/files/id/147468 • CWE-20: Improper Input Validation •