FBX-5312 XML-RPC Interface Crash Vulnerability

FBX-5312 XML-RPC Interface Crash Vulnerability

CVE-2017-14616 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an XML message containing an empty member element, the wgagent crashes, logging out any user with a session opened in the UI. By continuously executing the failed login attempts, UI management of the device becomes impossible.

Learn more about our User Device Pen Test.