Back to KEVs

CVE-2022-26318

On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS...

Basic Information

CVE State: PUBLISHED
Reserved Date: February 28, 2022
Published Date: March 04, 2022
Last Updated: January 29, 2025
Vendor: n/a
Product: n/a
Description: On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.

CVSS Scores

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2022-03-25 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2022-05-21 11:51:58 UTC) Source

References

https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html

Known Exploited Vulnerability Information

Source	Added Date
CISA	2022-03-25 00:00:00 UTC

Scanner Integrations

Scanner	URL	Date Detected
Metasploit	https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/watchguard_firebox_unauth_rce_cve_2022_26318.rb	2025-04-29 11:01:16 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

watchguard_firebox_unauth_rce_cve_2022_26318

Type: metasploit • Created: Unknown

Metasploit module for CVE-2022-26318

BabyTeam1024/CVE-2022-26318

Type: github • Created: 2022-05-21 11:51:58 UTC • Stars: 2

h3llk4t3/Watchguard-RCE-POC-CVE-2022-26318

Type: github • Created: 2022-04-18 15:14:30 UTC • Stars: 3

Watchguard RCE POC CVE-2022-26318