GCVE - cpe:2.3:o:watchguard:fireware:12.6.4:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:watchguard:fireware:12.6.4:*:*:*:*:*:*:*

part: o version: 12.6.4 update: *

Vendor	Watchguard (`ec468727-86da-5bb0-9483-b62749e25478`)
Product	Fireware (`898564d4-b91a-5b47-bcac-96a2c4d78aba`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-31792`	vulnerable	2026-06-03 14:47:20.508312	Details available A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can potentially execute arbitrary JavaScript code in the management web interface by sending crafted requests to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4. Published: 2022-09-06T18:24:45.000Z Updated: 2024-08-03T07:26:01.229Z Open on db.gcve.eu Reference links https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00014	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-31791`	vulnerable	2026-06-03 14:47:20.507644	Details available WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4. Published: 2022-09-06T18:26:38.000Z Updated: 2024-08-03T07:26:01.197Z Open on db.gcve.eu Reference links https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00018	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-31790`	vulnerable	2026-06-03 14:47:20.507162	Details available WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4. Published: 2022-09-06T17:54:41.000Z Updated: 2024-08-03T07:26:01.128Z Open on db.gcve.eu Reference links https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00017 https://www.openwall.com/lists/oss-security/2022/08/30/2 https://www.ambionics.io/blog/hacking-watchguard-firewalls	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-31789`	vulnerable	2026-06-03 14:47:20.504647	Details available An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4. Published: 2022-09-06T18:16:40.000Z Updated: 2024-08-03T07:26:01.237Z Open on db.gcve.eu Reference links https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00015	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.