CVE-2022-31790
published 2022-09-06CVE-2022-31790: WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious…
PriorityP351high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
1.48%
70.6th percentile
WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| watchguard | fireware | — | — |
| watchguard | fireware | — | — |
| watchguard | fireware | — | — |
| watchguard | fireware | — | — |
| watchguard | fireware | — | — |
| watchguard | fireware | — | — |
| watchguard | fireware | — | — |
| watchguard | fireware | >= 12.0.0 < 12.1.4 | 12.1.4 |
| watchguard | fireware | >= 12.2.0 < 12.5.10 | 12.5.10 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://www.ambionics.io/blog/hacking-watchguard-firewallshttps://www.openwall.com/lists/oss-security/2022/08/30/2https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00017https://www.ambionics.io/blog/hacking-watchguard-firewallshttps://www.openwall.com/lists/oss-security/2022/08/30/2https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00017
2022-09-06
Published