Vulnerabilities > Watchguard
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-06 | CVE-2022-31789 | Integer Overflow or Wraparound vulnerability in Watchguard Fireware An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. | 9.8 |
| 2022-09-06 | CVE-2022-31791 | Unspecified vulnerability in Watchguard Fireware WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions. | 7.8 |
| 2022-09-06 | CVE-2022-31792 | Cross-site Scripting vulnerability in Watchguard Fireware A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. | 5.4 |
| 2022-09-06 | CVE-2022-31790 | Unspecified vulnerability in Watchguard Fireware WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. | 7.5 |
| 2022-06-07 | CVE-2022-25361 | Unspecified vulnerability in Watchguard Fireware WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. | 9.1 |
| 2022-03-04 | CVE-2022-26318 | Unspecified vulnerability in Watchguard Fireware On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. | 9.8 |
| 2022-02-24 | CVE-2022-23176 | Unspecified vulnerability in Watchguard Fireware WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. | 8.8 |
| 2022-02-24 | CVE-2022-25290 | Unspecified vulnerability in Watchguard Fireware WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to retrieve certificate private keys. | 6.5 |
| 2022-02-24 | CVE-2022-25291 | Integer Overflow or Wraparound vulnerability in Watchguard Fireware An integer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to trigger a heap-based buffer overflow and potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. | 8.8 |
| 2022-02-24 | CVE-2022-25292 | Out-of-bounds Write vulnerability in Watchguard Fireware A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. | 8.8 |