On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HWatchguard Fireware
OSWatchguard12.1.312.5.912.7.212.0.0 – 12.1.3 (bez)12.5 – 12.5.9 (bez)12.7.0 – 12.7.2 (bez)
CISA KEV — detailsi
- Vendori
- WatchGuard
- Producti
- Firebox and XTM Appliances
- Added to KEVi
- March 25, 2022
- Remediation deadline (US Federal)i
- April 15, 2022(overdue)
Apply updates per vendor instructions.
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code.
Related vulnerabilities
RCE bez uwierzytelnienia w WatchGuard Fireware OS – podatność IKEv2 VPN
RCE przez Out-of-bounds Write w WatchGuard Fireware OS (IKEv2 VPN)
An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trig...
WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from ...
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the syst...