← Back

CVE-2022-25360

nvd nist
Published: Feb 24, 2022Modified: Nov 21, 2024

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbitrary locations. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.

Affected (15)

Products: Watchguard: Fireware
Watchguard
1 product
Fireware
Configuration A
15 vulnerable
Vulnerable SoftwareAffected Versions
Watchguard
Fireware
From 12.0.0 to 12.1.3
Fireware
From 12.2.0 to 12.5.9
Fireware
From 12.7.0 to 12.7.2
Fireware
Version 12.1.3
Fireware
Version 12.1.3 u1
Fireware
Version 12.1.3 u2
Fireware
Version 12.1.3 u3
Fireware
Version 12.1.3 u4
Fireware
Version 12.1.3 u5
Fireware
Version 12.1.3 u6
Fireware
Version 12.1.3 u7
Fireware
Version 12.5.9
Fireware
Version 12.5.9 u1
Fireware
Version 12.7.2
Fireware
Version 12.7.2 u1

Related CWEs

CWE-434
Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (2)

Source: cve@mitre.org
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory

Timeline

No history available yet.