Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WatchGuard Firebox LDAP Injection
Vulnerability Description
An LDAP Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from a connected LDAP authentication server through an exposed authentication or management web interface. This vulnerability may also allow a remote attacker to authenticate as an LDAP user with a partial identifier if they additionally have that user's valid passphrase.This issue affects Fireware OS: from 12.0 through 12.11.6, from 12.5 through 12.5.15, from 2025.1 through 2026.0.
CVSS Information
N/A
Vulnerability Type
LDAP查询中使用的特殊元素转义处理不恰当(LDAP注入)
Vulnerability Title
WatchGuard Fireware OS 安全漏洞
Vulnerability Description
WatchGuard Fireware OS是美国WatchGuard公司的一个在 Firebox 上运行的软件。 WatchGuard Fireware OS 12.0版本至12.11.6版本、12.5版本至12.5.15版本和2025.1版本至2026.0版本存在安全漏洞,该漏洞源于LDAP注入,可能导致从连接的LDAP身份验证服务器检索敏感信息或使用部分标识符进行身份验证。
CVSS Information
N/A
Vulnerability Type
N/A