VYPR

XTM

by WatchGuard

CVEs (5)

  • CVE-2022-31791Sep 6, 2022
    risk 0.00cvss epss 0.00

    WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.

  • CVE-2022-31792Sep 6, 2022
    risk 0.00cvss epss 0.00

    A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed…

  • CVE-2022-31789Sep 6, 2022
    risk 0.00cvss epss 0.01

    An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10,…

  • CVE-2022-25290Feb 24, 2022
    risk 0.00cvss epss 0.01

    WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to retrieve certificate private keys. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.

  • CVE-2014-6413Feb 7, 2020
    risk 0.00cvss epss 0.01

    A Cross-site Scripting (XSS) vulnerability exists in WatchGuard XTM 11.8.3 via the poll_name parameter in the firewall/policy script.