Vulnerabilities > Watchguard > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-30 | CVE-2024-13043 | Link Following vulnerability in Watchguard Panda Dome 22.02.01 Panda Security Dome Link Following Local Privilege Escalation Vulnerability. | 7.8 |
| 2024-09-25 | CVE-2024-6594 | Improper Handling of Exceptional Conditions vulnerability in Watchguard Single Sign-On Client Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. | 7.5 |
| 2024-07-09 | CVE-2024-4944 | Command Injection vulnerability in Watchguard Mobile VPN With SSL A local privilege escalation vlnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileged. | 7.8 |
| 2024-07-09 | CVE-2024-5974 | Classic Buffer Overflow vulnerability in Watchguard Fireware A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3. | 7.2 |
| 2024-05-06 | CVE-2024-3661 | Missing Authentication for Critical Function vulnerability in multiple products DHCP can add routes to a client’s routing table via the classless static route option (121). | 7.6 |
| 2023-10-05 | CVE-2023-26236 | Unspecified vulnerability in Watchguard products An issue was discovered in WatchGuard EPDR 8.0.21.0002. | 7.8 |
| 2022-09-06 | CVE-2022-31791 | Unspecified vulnerability in Watchguard Fireware WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions. | 7.8 |
| 2022-09-06 | CVE-2022-31790 | Unspecified vulnerability in Watchguard Fireware WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. | 7.5 |
| 2022-02-24 | CVE-2022-23176 | Unspecified vulnerability in Watchguard Fireware WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. | 8.8 |
| 2022-02-24 | CVE-2022-25291 | Integer Overflow or Wraparound vulnerability in Watchguard Fireware An integer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to trigger a heap-based buffer overflow and potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. | 8.8 |