1. Home
  2. CVE Database
  3. CVE-2022-25361
CRITICAL · 9.1

CVE-2022-25361

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before ...

Vulnerability Description

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.

CVSS Score

9.1

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
WatchguardFireware>= 12.0.0, < 12.1.3
WatchguardFirebox M200-
WatchguardFirebox M270-
WatchguardFirebox M290-
WatchguardFirebox M300-
WatchguardFirebox M370-
WatchguardFirebox M390-
WatchguardFirebox M400-
WatchguardFirebox M440-
WatchguardFirebox M470-
WatchguardFirebox M4800-
WatchguardFirebox M500-
WatchguardFirebox M570-
WatchguardFirebox M5800-
WatchguardFirebox M590-
WatchguardFirebox M670-
WatchguardFirebox M690-
WatchguardFirebox T10-
WatchguardFirebox T10-D-
WatchguardFirebox T10-W-

References

FAQ

What is CVE-2022-25361?

CVE-2022-25361 is a vulnerability with a CVSS score of 9.1 (CRITICAL). WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before ...

How severe is CVE-2022-25361?

CVE-2022-25361 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2022-25361?

Check the references section above for vendor advisories and patch information. Affected products include: Watchguard Fireware, Watchguard Firebox M200, Watchguard Firebox M270, Watchguard Firebox M290, Watchguard Firebox M300.