cbcvebase.
CVE-2022-31790
published 2022-09-06

CVE-2022-31790: WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious…

PriorityP351high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
1.48%
70.6th percentile
WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.

Affected

9 ranges
VendorProductVersion rangeFixed in
watchguardfireware
watchguardfireware
watchguardfireware
watchguardfireware
watchguardfireware
watchguardfireware
watchguardfireware
watchguardfireware>= 12.0.0 < 12.1.412.1.4
watchguardfireware>= 12.2.0 < 12.5.1012.5.10
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.