PT-2018-9974 · Watchguard · Watchguard Ap200+2
Stephen Shkardoon
·
Publicado
2018-04-30
·
Atualizado
2018-09-16
·
CVE-2018-10576
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
WatchGuard AP100 versions prior to 1.2.9.15
WatchGuard AP102 versions prior to 1.2.9.15
WatchGuard AP200 versions prior to 1.2.9.15
Description:
An issue was discovered that allows improper authentication handling by the native Access Point web UI. This enables authentication using a local system account instead of the dedicated web-only user.
Recommendations:
For WatchGuard AP100 versions prior to 1.2.9.15, update the firmware to version 1.2.9.15 or later.
For WatchGuard AP102 versions prior to 1.2.9.15, update the firmware to version 1.2.9.15 or later.
For WatchGuard AP200 versions prior to 1.2.9.15, update the firmware to version 1.2.9.15 or later.
Exploit
Correção
Improper Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Watchguard Ap100
Watchguard Ap102
Watchguard Ap200