CVE-2022-31789

CVSS 9.8 - CRITICAL
Description

An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.

Affected Products
10
Vendor Product Version
watchguard fireware All versions
watchguard fireware All versions
watchguard fireware 12.6.1
watchguard fireware 12.6.1
watchguard fireware 12.6.3
watchguard fireware 12.6.4
watchguard fireware 12.7.0
watchguard fireware 12.7.1
watchguard fireware 12.7.2
watchguard fireware 12.8.0
References
https://www.watchguard.com/wgrd-psirt/advisory/wgs...
https://www.watchguard.com/wgrd-psirt/advisory/wgs...
Weakness Types
CWE-190
CVE Information
CVE ID:
CVE-2022-31789
Published:
2022-09-06
Modified:
2024-11-21
CVSS Score:
9.8
Severity:
CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Vendors
watchguard
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL