Unrated severityNVD Advisory· Published Apr 30, 2018· Updated Aug 5, 2024

CVE-2018-10576

Description

An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15. Improper authentication handling by the native Access Point web UI allows authentication using a local system account (instead of the dedicated web-only user).

Affected products

WatchGuard/AP100llm-fuzzy
Range: <1.2.9.15
WatchGuard/AP102llm-fuzzy
Range: <1.2.9.15
WatchGuard/AP200llm-fuzzy
Range: <1.2.9.15

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/45409/mitreexploitx_refsource_EXPLOIT-DB
seclists.org/fulldisclosure/2018/May/12mitremailing-listx_refsource_FULLDISC
watchguardsupport.secure.force.com/publicKBmitrex_refsource_CONFIRM
www.watchguard.com/wgrd-blog/new-firmware-available-ap100ap102ap200ap300-security-vulnerability-fixesmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000