CVE-2022-26318
WatchGuard Firebox and XTM Appliances Arbitrary Code Execution
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
Yes
*KEV
Decision
-
*SSVC
Descriptions
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
En los dispositivos WatchGuard Firebox y XTM, un usuario no autenticado puede ejecutar código arbitrario, también conocido como FBX-22786. Esta vulnerabilidad afecta a Fireware OS antes de 12.7.2_U2, 12.x antes de 12.1.3_U8, y 12.2.x hasta 12.5.x antes de 12.5.9_U2
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-02-28 CVE Reserved
- 2022-03-04 CVE Published
- 2022-03-25 Exploited in Wild
- 2022-04-15 KEV Due Date
- 2022-04-18 First Exploit
- 2024-08-03 CVE Updated
- 2024-11-17 EPSS Updated
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| - |
| URL | Date | SRC |
|---|---|---|
| https://github.com/h3llk4t3/Watchguard-RCE-POC-CVE-2022-26318 | 2022-04-18 | |
| https://github.com/BabyTeam1024/CVE-2022-26318 | 2022-05-21 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | >= 12.0.0 < 12.1.3 Search vendor "Watchguard" for product "Fireware" and version " >= 12.0.0 < 12.1.3" | - |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | >= 12.5.0 < 12.5.9 Search vendor "Watchguard" for product "Fireware" and version " >= 12.5.0 < 12.5.9" | - |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | >= 12.7.0 < 12.7.2 Search vendor "Watchguard" for product "Fireware" and version " >= 12.7.0 < 12.7.2" | - |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.1.3 Search vendor "Watchguard" for product "Fireware" and version "12.1.3" | - |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.1.3 Search vendor "Watchguard" for product "Fireware" and version "12.1.3" | u1 |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.1.3 Search vendor "Watchguard" for product "Fireware" and version "12.1.3" | u2 |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.1.3 Search vendor "Watchguard" for product "Fireware" and version "12.1.3" | u3 |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.1.3 Search vendor "Watchguard" for product "Fireware" and version "12.1.3" | u4 |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.1.3 Search vendor "Watchguard" for product "Fireware" and version "12.1.3" | u5 |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.1.3 Search vendor "Watchguard" for product "Fireware" and version "12.1.3" | u6 |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.1.3 Search vendor "Watchguard" for product "Fireware" and version "12.1.3" | u7 |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.5.9 Search vendor "Watchguard" for product "Fireware" and version "12.5.9" | u1 |
Affected
| ||||||
| Watchguard Search vendor "Watchguard" | Fireware Search vendor "Watchguard" for product "Fireware" | 12.7.2 Search vendor "Watchguard" for product "Fireware" and version "12.7.2" | u1 |
Affected
| ||||||