CVE-2013-5701
Watchguard Server Center - Local Privilege Escalation
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
4Exploited in Wild
-Decision
Descriptions
Multiple untrusted search path vulnerabilities in (1) Watchguard Log Collector (wlcollector.exe) and (2) Watchguard WebBlocker Server (wbserver.exe) in WatchGuard Server Center 11.7.4, 11.7.3, and possibly earlier allow local users to gain privileges via a Trojan horse wgpr.dll file in the application's bin directory.
Múltiples vulnerabilidades de ruta de búsqueda no confiable en (1) Watchguard Log Collector (wlcollector.exe) y (2) Watchguard WebBlocker Server (wbserver.exe) en WatchGuard Server Center 11.7.4, 11.7.3, y posiblemente anteriores versiones permiten a usuarios locales obtener privilegios a través de un caballo de troya en el archivo wgpr.dll en el directorio bin de la aplicación.
Watchguard Server Center version 11.7.4 suffers from a dll hijacking vulnerability with wgpr.dll.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-09-05 CVE Reserved
- 2013-09-08 First Exploit
- 2013-09-09 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (4)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Watchguard Search vendor "Watchguard" | Server Center Search vendor "Watchguard" for product "Server Center" | <= 11.7.4 Search vendor "Watchguard" for product "Server Center" and version " <= 11.7.4" | - |
Affected
| ||||||
Watchguard Search vendor "Watchguard" | Server Center Search vendor "Watchguard" for product "Server Center" | 11.7.3 Search vendor "Watchguard" for product "Server Center" and version "11.7.3" | - |
Affected
|