// For flags

CVE-2013-5701

Watchguard Server Center - Local Privilege Escalation

Severity Score

7.2
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

4
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple untrusted search path vulnerabilities in (1) Watchguard Log Collector (wlcollector.exe) and (2) Watchguard WebBlocker Server (wbserver.exe) in WatchGuard Server Center 11.7.4, 11.7.3, and possibly earlier allow local users to gain privileges via a Trojan horse wgpr.dll file in the application's bin directory.

Múltiples vulnerabilidades de ruta de búsqueda no confiable en (1) Watchguard Log Collector (wlcollector.exe) y (2) Watchguard WebBlocker Server (wbserver.exe) en WatchGuard Server Center 11.7.4, 11.7.3, y posiblemente anteriores versiones permiten a usuarios locales obtener privilegios a través de un caballo de troya en el archivo wgpr.dll en el directorio bin de la aplicación.

Watchguard Server Center version 11.7.4 suffers from a dll hijacking vulnerability with wgpr.dll.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-09-05 CVE Reserved
  • 2013-09-08 First Exploit
  • 2013-09-09 CVE Published
  • 2024-09-16 CVE Updated
  • 2024-09-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Watchguard
Search vendor "Watchguard"
Server Center
Search vendor "Watchguard" for product "Server Center"
<= 11.7.4
Search vendor "Watchguard" for product "Server Center" and version " <= 11.7.4"
-
Affected
Watchguard
Search vendor "Watchguard"
Server Center
Search vendor "Watchguard" for product "Server Center"
11.7.3
Search vendor "Watchguard" for product "Server Center" and version "11.7.3"
-
Affected