CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2022-31789

CVSS 9.8v3.1pub. 2022-09-06upd. 2024-11-21

An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Watchguard Fireware

    OS
    Watchguard
    12.6.112.6.312.6.412.7.012.7.112.7.212.8.012.2.0 – 12.5.10 (bez)12.0.0 – 12.1.4 (bez)
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2025-14733CRITICAL9.3⚠ KEVPL ✓ten sam produkt

RCE bez uwierzytelnienia w WatchGuard Fireware OS – podatność IKEv2 VPN

CVE-2025-9242CRITICAL9.3⚠ KEVPL ✓ten sam produkt

RCE przez Out-of-bounds Write w WatchGuard Fireware OS (IKEv2 VPN)

CVE-2022-26318CRITICAL9.8⚠ KEVten sam produkt

On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. T...

CVE-2022-25361CRITICAL9.1ten sam produkt

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from ...

CVE-2022-23176HIGH8.8⚠ KEVten sam produkt

WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the syst...