all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

WatchGuard XTM Firebox Unauthenticated Remote Command Execution

Add to bookmarks
March 29, 2024, 6:04 p.m. |

Packet Storm packetstormsecurity.com

This Metasploit module exploits a buffer overflow at the administration interface (8080 or 4117) of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. Successful exploitation results in remote code execution as user nobody.

administration agent authentication backend binary buffer buffer overflow called command endpoint exploits interface login metasploit overflow python remote command execution requests rpc unauthenticated vulnerability watchguard watchguard firebox xml

Visit resource

More from packetstormsecurity.com / Packet Storm

Defending Infrastructure, Securing Systems Key To CISA's New AI Guidelines an hour ago | packetstormsecurity.com
cisa defending government guidelines +4
Apple's Incredibly Private Safari Is Not So Private In Europe an hour ago | packetstormsecurity.com
apple europe flaw privacy +2
Hacker Jailed For Blackmailing Therapy Patients an hour ago | packetstormsecurity.com
cybercrime data loss finland fraud +4
UK Outlaws Awful Default Passwords On Connected Devices an hour ago | packetstormsecurity.com
britain connected connected devices default +5
Vulnerability In R Programming Language Could Fuel Supply Chain Attacks an hour ago | packetstormsecurity.com
attacks flaw fuel language +6
FCC Fines Wireless Carriers For Sharing User Locations Without Consent an hour ago | packetstormsecurity.com
carriers consent fcc fines +6
Kemp LoadMaster Unauthenticated Command Injection 1 day, 2 hours ago | packetstormsecurity.com
authorization command command injection command injection vulnerability +9
Debian Security Advisory 5675-1 1 day, 2 hours ago | packetstormsecurity.com
advisory arbitrary code chromium code +13
Doctor Appointment Management System 1.0 Cross Site Scripting 1 day, 2 hours ago | packetstormsecurity.com
cross site scripting management management system scripting +4

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Threat Analysis Engineer

@ Gen | IND - Tamil Nadu, Chennai
View on infosec-jobs.com

Head of Security

@ Hippocratic AI | Palo Alto
View on infosec-jobs.com

IT Security Vulnerability Management Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

Security Engineer - Netskope/Proofpoint

@ Sainsbury's | Coventry, West Midlands, United Kingdom
View on infosec-jobs.com

Journeyman Cybersecurity Analyst

@ ISYS Technologies | Kirtland AFB, NM, United States
View on infosec-jobs.com
View more jobs