Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

WatchGuard Fireware AD Helper Component - Credentials Disclosure

By kannthu

Vidoc logoVidoc Module
Author: gy741 Classification CWE-ID: CWE-288 CVSS-Metrics: CVSS:10.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS-Score: 10 WatchGuard Fireware Threat Detection and Response (TDR) service contains a credential-disclosure vulnerability in the AD Helper component that allows unauthenticated attackers to gain Active Directory credentials for a Windows domain in plaintext. Reference - - Metadata max-request: 1

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: "fullyQualifiedName", "logonDomain", "us...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability