CPE Details
Watchguard Fireware 12.8.0 U1
12.8.0
2022-09-08
11h48 +00:00
11h48 +00:00
2022-09-12
12h12 +00:00
12h12 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:o:watchguard:fireware:12.8.0:u1:*:*:*:*:*:*
Informations
Vendor
watchguardProduct
firewareVersion
12.8.0Update
u1Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3. | 7.2 |
High |
||
| WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4. | 7.8 |
High |
||
| A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4. | 5.4 |
Medium |
||
| An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4. | 9.8 |
Critical |
||
| WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4. | 7.5 |
High |
2025©
tesweb SA
