Vulnerabilities > Watchguard
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-30 | CVE-2024-13043 | Link Following vulnerability in Watchguard Panda Dome 22.02.01 Panda Security Dome Link Following Local Privilege Escalation Vulnerability. | 7.8 |
| 2024-09-25 | CVE-2024-6592 | Incorrect Authorization vulnerability in Watchguard Authentication Gateway and Single Sign-On Client Incorrect Authorization vulnerability in the protocol communication between the WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows and the WatchGuard Single Sign-On Client on Windows and MacOS allows Authentication Bypass.This issue affects the Authentication Gateway: through 12.10.2; Windows Single Sign-On Client: through 12.7; MacOS Single Sign-On Client: through 12.5.4. | 9.1 |
| 2024-09-25 | CVE-2024-6593 | Incorrect Authorization vulnerability in Watchguard Authentication Gateway Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows allows an attacker with network access to execute restricted management commands. This issue affects Authentication Gateway: through 12.10.2. | 9.1 |
| 2024-09-25 | CVE-2024-6594 | Improper Handling of Exceptional Conditions vulnerability in Watchguard Single Sign-On Client Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. | 7.5 |
| 2024-07-09 | CVE-2024-4944 | Command Injection vulnerability in Watchguard Mobile VPN With SSL A local privilege escalation vlnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileged. | 7.8 |
| 2024-07-09 | CVE-2024-5974 | Classic Buffer Overflow vulnerability in Watchguard Fireware A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3. | 7.2 |
| 2024-05-06 | CVE-2024-3661 | Missing Authentication for Critical Function vulnerability in multiple products DHCP can add routes to a client’s routing table via the classless static route option (121). | 7.6 |
| 2023-10-05 | CVE-2023-26236 | Unspecified vulnerability in Watchguard products An issue was discovered in WatchGuard EPDR 8.0.21.0002. | 7.8 |
| 2023-10-05 | CVE-2023-26237 | Authorization Bypass Through User-Controlled Key vulnerability in Watchguard products An issue was discovered in WatchGuard EPDR 8.0.21.0002. | 6.7 |
| 2023-10-05 | CVE-2023-26238 | Unspecified vulnerability in Watchguard products An issue was discovered in WatchGuard EPDR 8.0.21.0002. | 5.5 |