CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

watchguard

ap102_firmware

4 known vulnerabilities · sorted by CVSS score

CVE-2018-10575

CRITICAL9.8

An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15. Hardcoded credentials exist for an unprivileged SSH account with a shell of /bin/false.

watchguard / ap200_firmware+2

Network

Published Apr 30, 2018

CVE-2018-10578

CRITICAL9.8

An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. Incorrect validation of the "old password" field in the change password form allows an attacker to bypass validation of this field.

watchguard / ap200_firmware+3

Network

Published May 2, 2018

CVE-2018-10577

HIGH8.8

An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. File upload functionality allows any users authenticated on the web interface to upload files containing code to the web root, allowing these files to be executed as root.

watchguard / ap200_firmware+3

Network

Published May 2, 2018

CVE-2018-10576

HIGH7.8

An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15. Improper authentication handling by the native Access Point web UI allows authentication using a local system account (instead of the dedicated web-only user).

watchguard / ap200_firmware+2

Local

Published Apr 30, 2018