VYPR

Vendor CVEs

WatchGuard

All CVEs

120 total · sorted by risk
  • CVE-2018-10575CriApr 30, 2018
    risk 0.67cvss 9.8epss 0.09

    An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15. Hardcoded credentials exist for an unprivileged SSH account with a shell of /bin/false.

  • CVE-2018-10578CriMay 2, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. Incorrect validation of the "old password" field in the change password form allows an attacker to bypass validation of this…

  • CVE-2018-10577HigMay 2, 2018
    risk 0.61cvss 8.8epss 0.07

    An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. File upload functionality allows any users authenticated on the web interface to upload files containing code to the web root,…

  • CVE-2015-2878HigOct 23, 2017
    risk 0.61cvss 8.8epss 0.04

    Multiple cross-site request forgery (CSRF) vulnerabilities in Hexis HawkEye G 3.0.1.4912 allow remote attackers to hijack the authentication of administrators for requests that (1) add arbitrary accounts via the name parameter to interface/rest/accounts/json; turn off the (2)…

  • CVE-2025-4106HigOct 24, 2025
    risk 0.58cvss epss 0.00

    An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command. This issue affects…

  • CVE-2026-3987HigApr 1, 2026
    risk 0.56cvss epss 0.01

    A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8…

  • CVE-2018-10576HigApr 30, 2018
    risk 0.54cvss 7.8epss 0.02

    An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15. Improper authentication handling by the native Access Point web UI allows authentication using a local system account (instead of the dedicated web-only user).

  • CVE-2016-7089HigAug 24, 2016
    risk 0.54cvss 7.8epss 0.01

    WatchGuard RapidStream appliances allow local users to gain privileges and execute arbitrary commands via a crafted ifconfig command, aka ESCALATEPLOWMAN.

  • CVE-2016-3943HigApr 18, 2016
    risk 0.54cvss 7.8epss 0.01

    Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business products for Windows, uses a weak ACL for the Panda Security/WaAgent directory and sub-directories, which allows local users to gain SYSTEM privileges by modifying an executable module.

  • CVE-2015-7378HigApr 18, 2016
    risk 0.54cvss 7.8epss 0.01

    Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda_URL_Filteringb.exe.

  • CVE-2026-6788HigMay 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Uncontrolled Search Path Element vulnerability in WatchGuard Agent on Windows allows Using Malicious Files.This issue affects WatchGuard Agent before 1.25.03.0000.

  • CVE-2026-6787HigMay 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This issue affects WatchGuard Agent: before 1.25.03.0000.

  • CVE-2026-41288HigMay 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Incorrect permission assignment for a resource in the patch management component of the WatchGuard Agent on Windows allows an authenticated local user to elevate their privileges to NT AUTHORITY\\SYSTEM.

  • CVE-2025-57624HigSep 16, 2025
    risk 0.51cvss 7.8epss 0.00

    A DLL hijacking vulnerability in CYRISMA Agent before 444 allows local users to escalate privileges and execute arbitrary code via multiple DLLs.

  • CVE-2025-24864HigMar 6, 2025
    risk 0.51cvss 7.8epss 0.00

    Incorrect access permission of a specific folder issue exists in RemoteView Agent (for Windows) versions prior to v8.1.5.2. If this vulnerability is exploited, a non-administrative user on the remote PC may execute an arbitrary OS command with LocalSystem privilege.

  • CVE-2024-8424HigNov 8, 2024
    risk 0.51cvss 7.8epss 0.00

    Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions. This issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before…

  • CVE-2024-1417HigMay 16, 2024
    risk 0.51cvss 7.8epss 0.01

    Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in WatchGuard AuthPoint Password Manager on MacOS allows an a adversary with local access to execute code under the context of the AuthPoint Password Manager application. This issue…

  • CVE-2017-14616HigSep 20, 2017
    risk 0.49cvss 7.5epss 0.02

    An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing…

  • CVE-2025-27237HigOct 3, 2025
    risk 0.47cvss epss 0.00

    In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL.

  • CVE-2026-1498HigJan 30, 2026
    risk 0.46cvss epss 0.01

    An LDAP Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from a connected LDAP authentication server through an exposed authentication or management web interface. This vulnerability may also allow a…

  • CVE-2025-6999MedSep 15, 2025
    risk 0.45cvss epss 0.01

    An HTTP Request Smuggling [CWE-444] vulnerability in the Authentication portal of WatchGuard Fireware OS allows a remote attacker to evade request parameter sanitation and perform a reflected self-Cross-Site Scripting (XSS) attack.This issue affects Fireware OS: from 12.0…

  • CVE-2026-41286MedMay 6, 2026
    risk 0.42cvss 6.5epss 0.00

    Stack-based Buffer Overflow vulnerability in the WatchGuard Agent discovery service on Windows allows Overflow Buffers. An unauthenticated attacker on the same local network could exploit this vulnerability to crash the agent service.

  • CVE-2026-41287MedMay 6, 2026
    risk 0.42cvss 6.5epss 0.00

    Stack-based Buffer Overflow vulnerability in the WatchGuard Agent discovery service on Windows allows Overflow Buffers. An unauthenticated attacker on the same local network could exploit this vulnerability to crash the agent service.

  • CVE-2025-67545MedDec 9, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FirePlugins FireBox firebox allows Stored XSS.This issue affects FireBox: from n/a through <= 3.1.0-free.

  • CVE-2022-31749MedJan 28, 2025
    risk 0.42cvss 6.5epss 0.01

    An argument injection vulnerability in the diagnose and import pac commands in WatchGuard Fireware OS before 12.8.1, 12.1.4, and 12.5.10 allows an authenticated remote attacker with unprivileged credentials to upload or read files to limited, arbitrary locations on WatchGuard…

  • CVE-2025-1910MedDec 4, 2025
    risk 0.41cvss epss 0.00

    The WatchGuard Mobile VPN with SSL Client on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM on the Windows machine where the VPN Client is installed.This issue affects the Mobile VPN with SSL Client…

  • CVE-2025-1549MedOct 29, 2025
    risk 0.41cvss epss 0.00

    A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileges on the Windows system. This vulnerability is an additional unmitigated attack path for CVE-2024-4944. …

  • CVE-2025-2781MedMar 28, 2025
    risk 0.41cvss epss 0.00

    The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system. This issue affects…

  • CVE-2017-14615MedSep 20, 2017
    risk 0.40cvss 6.1epss 0.01

    An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user element, the code will be…

  • CVE-2017-8060MedMay 5, 2017
    risk 0.38cvss 5.9epss 0.01

    Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call.

  • CVE-2017-8339MedApr 30, 2017
    risk 0.36cvss 5.5epss 0.00

    PSKMAD.sys in Panda Free Antivirus 18.0 allows local users to cause a denial of service (BSoD) via a crafted DeviceIoControl request to \\.\PSMEMDriver.

  • CVE-2017-8056MedApr 22, 2017
    risk 0.35cvss 5.3epss 0.05

    WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections,…

  • CVE-2017-8055MedApr 22, 2017
    risk 0.35cvss 5.3epss 0.02

    WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and earlier returns different responses for valid and invalid usernames. An attacker could…

  • CVE-2025-6947MedSep 15, 2025
    risk 0.31cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the SIP Proxy module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This…

  • CVE-2025-4805MedMay 16, 2025
    risk 0.31cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects Fireware OS:…

  • CVE-2025-4804MedMay 16, 2025
    risk 0.31cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the spamBlocker module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This…

  • CVE-2025-1239MedFeb 14, 2025
    risk 0.31cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the Blocked Sites list. This vulnerability requires an authenticated administrator session to a locally managed Firebox.This…

  • CVE-2022-26318KEVMar 4, 2022
    risk 0.22cvss epss 0.78

    On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.

  • CVE-2025-9242KEVSep 17, 2025
    risk 0.18cvss epss 0.86

    An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway…

  • CVE-2025-14733KEVDec 19, 2025
    risk 0.14cvss epss 0.18

    An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway…

  • CVE-2022-23176KEVFeb 24, 2022
    risk 0.13cvss epss 0.12

    WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through…

  • CVE-2015-5453Jul 8, 2015
    risk 0.08cvss epss 0.57

    Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the id parameter to ADMIN/mailqueue.spl.

  • CVE-2013-6021Oct 19, 2013
    risk 0.04cvss epss 0.12

    Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long sessionid value in a cookie.

  • CVE-2015-5452Jul 8, 2015
    risk 0.03cvss epss 0.03

    SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote attackers to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3.

  • CVE-2013-5701Oct 3, 2013
    risk 0.03cvss epss 0.01

    Multiple untrusted search path vulnerabilities in (1) Watchguard Log Collector (wlcollector.exe) and (2) Watchguard WebBlocker Server (wbserver.exe) in WatchGuard Server Center 11.7.4, 11.7.3, and possibly earlier allow local users to gain privileges via a Trojan horse wgpr.dll…

  • CVE-2011-2165May 23, 2011
    risk 0.03cvss epss 0.05

    The STARTTLS implementation in WatchGuard XCS 9.0 and 9.1 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a…

  • CVE-2001-0049Feb 16, 2001
    risk 0.03cvss epss 0.03

    WatchGuard SOHO FireWall 2.2.1 and earlier allows remote attackers to cause a denial of service via a large number of GET requests.

  • CVE-2024-5974Jul 9, 2024
    risk 0.01cvss epss 0.01

    A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on the firewall. This issue affects Fireware OS: from 11.9.6 through 12.10.3.

  • CVE-2020-10532Mar 12, 2020
    risk 0.01cvss epss 0.03

    The AD Helper component in WatchGuard Fireware before 5.8.5.10317 allows remote attackers to discover cleartext passwords via the /domains/list URI.

  • CVE-2005-1214Jun 14, 2005
    risk 0.01cvss epss 0.13

    Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page.

Page 1 of 3