Vulnerabilities > Watchguard
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-05 | CVE-2023-26239 | Improper Check for Dropped Privileges vulnerability in Watchguard products An issue was discovered in WatchGuard EPDR 8.0.21.0002. | 5.5 |
| 2023-07-13 | CVE-2023-37849 | Uncontrolled Search Path Element vulnerability in Watchguard Panda Security VPN A DLL hijacking vulnerability in Panda Security VPN for Windows prior to version v15.14.8 allows attackers to execute arbitrary code via placing a crafted DLL file in the same directory as PANDAVPN.exe. | 6.5 |
| 2022-09-06 | CVE-2022-31789 | Integer Overflow or Wraparound vulnerability in Watchguard Fireware An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. | 9.8 |
| 2022-09-06 | CVE-2022-31791 | Unspecified vulnerability in Watchguard Fireware WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions. | 7.8 |
| 2022-09-06 | CVE-2022-31792 | Cross-site Scripting vulnerability in Watchguard Fireware A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. | 5.4 |
| 2022-09-06 | CVE-2022-31790 | Unspecified vulnerability in Watchguard Fireware WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. | 7.5 |
| 2022-06-07 | CVE-2022-25361 | Unspecified vulnerability in Watchguard Fireware WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. | 9.1 |
| 2022-03-04 | CVE-2022-26318 | Unspecified vulnerability in Watchguard Fireware On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. | 9.8 |
| 2022-02-24 | CVE-2022-23176 | Unspecified vulnerability in Watchguard Fireware WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. | 8.8 |
| 2022-02-24 | CVE-2022-25290 | Unspecified vulnerability in Watchguard Fireware WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to retrieve certificate private keys. | 6.5 |