Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-25361

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.

Published

2022-06-07T14:15:09.393

Last Modified

2024-11-21T06:52:04.643

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.1 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

4.9

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	watchguard	fireware	< 12.1.3	Yes
Operating System	watchguard	fireware	< 12.5.9	Yes
Operating System	watchguard	fireware	12.1.3	Yes
Operating System	watchguard	fireware	12.1.3	Yes
Operating System	watchguard	fireware	12.1.3	Yes
Operating System	watchguard	fireware	12.1.3	Yes
Operating System	watchguard	fireware	12.1.3	Yes
Operating System	watchguard	fireware	12.1.3	Yes
Operating System	watchguard	fireware	12.1.3	Yes
Operating System	watchguard	fireware	12.1.3	Yes
Operating System	watchguard	fireware	12.5.9	Yes
Operating System	watchguard	fireware	12.5.9	Yes
Operating System	watchguard	fireware	12.7.2	Yes
Operating System	watchguard	fireware	12.7.2	Yes
Hardware	watchguard	firebox_m200	-	No
Hardware	watchguard	firebox_m270	-	No
Hardware	watchguard	firebox_m290	-	No
Hardware	watchguard	firebox_m300	-	No
Hardware	watchguard	firebox_m370	-	No
Hardware	watchguard	firebox_m390	-	No
Hardware	watchguard	firebox_m400	-	No
Hardware	watchguard	firebox_m440	-	No
Hardware	watchguard	firebox_m470	-	No
Hardware	watchguard	firebox_m4800	-	No
Hardware	watchguard	firebox_m500	-	No
Hardware	watchguard	firebox_m570	-	No
Hardware	watchguard	firebox_m5800	-	No
Hardware	watchguard	firebox_m590	-	No
Hardware	watchguard	firebox_m670	-	No
Hardware	watchguard	firebox_m690	-	No
Hardware	watchguard	firebox_t10	-	No
Hardware	watchguard	firebox_t10-d	-	No
Hardware	watchguard	firebox_t10-w	-	No
Hardware	watchguard	firebox_t15	-	No
Hardware	watchguard	firebox_t15-w	-	No
Hardware	watchguard	firebox_t20	-	No
Hardware	watchguard	firebox_t20-w	-	No
Hardware	watchguard	firebox_t30	-	No
Hardware	watchguard	firebox_t30-w	-	No
Hardware	watchguard	firebox_t35	-	No
Hardware	watchguard	firebox_t35-r	-	No
Hardware	watchguard	firebox_t35-w	-	No
Hardware	watchguard	firebox_t40	-	No
Hardware	watchguard	firebox_t40-w	-	No
Hardware	watchguard	firebox_t50	-	No
Hardware	watchguard	firebox_t50-w	-	No
Hardware	watchguard	firebox_t55	-	No
Hardware	watchguard	firebox_t55-w	-	No
Hardware	watchguard	firebox_t70	-	No
Hardware	watchguard	firebox_t80	-	No
Hardware	watchguard	firebox_xtm1520-rp	-	No
Hardware	watchguard	firebox_xtm1525-rp	-	No
Hardware	watchguard	firebox_xtm2520	-	No
Hardware	watchguard	firebox_xtm850	-	No
Hardware	watchguard	firebox_xtm860	-	No
Hardware	watchguard	firebox_xtm870	-	No
Hardware	watchguard	firebox_xtm870-f	-	No
Hardware	watchguard	fireboxcloud	-	No
Hardware	watchguard	fireboxv	-	No
Hardware	watchguard	xtmv	-	No

References

https://watchguard.com Vendor Advisory ([email protected])
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004 Vendor Advisory ([email protected])
https://watchguard.com Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00004 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)