VYPR
Vendor

Firewalld

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2024-40892HigAug 12, 2024
    risk 0.47cvss 7.1epss 0.01

    A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy (BTLE) interface. Once an attacker…

  • CVE-2024-40893MedAug 12, 2024
    risk 0.44cvss 6.8epss 0.02

    Multiple authenticated operating system (OS) command injection vulnerabilities exist in Firewalla Box Software versions before 1.979. A physically close attacker that is authenticated to the Bluetooth Low-Energy (BTLE) interface can use the network configuration service to…

  • CVE-2026-4948MedMar 27, 2026
    risk 0.36cvss 5.5epss 0.00

    A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper…

  • CVE-2016-5410MedApr 19, 2017
    risk 0.36cvss 5.5epss 0.00

    firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.

VYPR — Vulnerability Intelligence