PT-2019-7837 · Watchguard · Watchguard Fireware

Published

2019-08-23

Updated

2019-08-26

CVE-2016-6154

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Watchguard Fireware version 11.11

Description The issue concerns a reflected XSS in the authentication applet, which can also lead to an open redirect.

Recommendations For Watchguard Fireware version 11.11, consider disabling the authentication applet as a temporary workaround until a patch is available. Restrict access to the authentication applet to minimize the risk of exploitation.

Exploit

Fix

Open Redirect

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-601CWE-79

Related Identifiers

CVE-2016-6154

Affected Products

Watchguard Fireware

PT-2019-7837 · Watchguard · Watchguard Fireware

CVE-2016-6154

Weakness Enumeration

Related Identifiers

Affected Products

References · 3