Vulnerabilities
Vulnerable Software
Security Vulnerabilities
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS wgagent process could allow an authenticated privileged user to execute arbitrary code via a specially crafted requests to the Management Web UI.This vulnerability affects Fireware OS 12.1 up to and including 12.12 and 2025.1 up to and including 2026.2.
CVSS Score
8.6
EPSS Score
0.005
Published
2026-07-03
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4_Update1, 12.0 up to and including 12.12 and 2025.1 up to and including 2026.2.
CVSS Score
8.6
EPSS Score
0.005
Published
2026-07-03
A path traversal vulnerability in the WatchGuard Fireware OS Management Web UI allows a privileged authenticated attacker to write arbitrary files on the Firebox's filesystem. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4_Update1, 12.0 up to and including 12.12 and 2025.1 up to and including 2026.2.
CVSS Score
8.6
EPSS Score
0.005
Published
2026-07-03
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM on the machine where the client is installed. This issue affects the Mobile VPN with SSL client for Windows up to and including 2026.2.
CVSS Score
7.3
EPSS Score
0.001
Published
2026-07-03
Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.
CVSS Score
9.9
EPSS Score
0.006
Published
2026-07-02
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.006
Published
2026-07-02
Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.
CVSS Score
9.9
EPSS Score
0.006
Published
2026-07-02
Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.
CVSS Score
9.3
EPSS Score
0.005
Published
2026-07-02
Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network.
CVSS Score
4.8
EPSS Score
0.004
Published
2026-07-02
Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS #1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to forge the SIG payload when small public exponents are being used (e.g., e=3), which could lead to impersonation. Additionally, a remote attacker, by encoding a shorter than expected hash in the SIG payload, could trigger an assertion leading to denial-of-service. The daemon aborts and restarts; continued exploitation causes sustained denial of service. Remote code execution is not possible. X.509 certificate verifications of remote IKE peers are not affected.
CVSS Score
8.1
EPSS Score
0.004
Published
2026-07-02


Contact Us

Shodan ® - All rights reserved