virus logo Intrusion Prevention

Watchguard.AP.Backdoor

description-logoDescription

This indicates detection of a Security Bypass vulnerability in Watchguard AP.
The vulnerability is due to a default account with an unchangeable password in the application. A remote attacker may be able to exploit this to execute arbitrary code obtain access to the device, via a request.

affected-products-logoAffected Products

Watchguard AP 100 with firmware version 1.2.9.14 and prior
Watchguard AP 102 with firmware version 1.2.9.14 and prior
Watchguard AP 200 with firmware version 1.2.9.14 and prior

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest version, available from the vendor.
https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000LIy

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-04-23 14.598 Default_action:pass:drop
2019-04-10 14.590

References

https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000LIy 45409
ID 47694
Created Apr 10, 2019
Updated May 02, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2018-10577 CVE-2018-10576 CVE-2018-10575
Exploit Prediction Score 0.43%
Default Action drop
Active
Affected OS Other
Affected App Other