Unrated severityNVD Advisory· Published Dec 31, 2002· Updated Apr 16, 2026

CVE-2002-1979

Description

WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.

Affected products

WatchGuard/Legacy Rssa
cpe:2.3:h:watchguard:legacy_rssa:*:*:*:*:*:*:*:*
Range: <=3.2_sp1
WatchGuard/Soho
cpe:2.3:h:watchguard:soho:*:*:*:*:*:*:*:*
Range: <=5.1.6
WatchGuard/Vclass
cpe:2.3:h:watchguard:vclass:*:*:*:*:*:*:*:*
Range: <=3.2_sp1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/AAMN-5EQR65nvdPatch
www.kb.cert.org/vuls/id/328867nvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000