WatchGuard Fireware AD Helper Component - Credentials Disclosure
By kannthu
Critical
Vidoc Module
#watchguard#disclosure#edb
Description
Author: gy741
Classification
CWE-ID: CWE-288
CVSS-Metrics: CVSS:10.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS-Score: 10
WatchGuard Fireware Threat Detection and Response (TDR) service contains a credential-disclosure vulnerability in the AD Helper component that allows unauthenticated attackers to gain Active Directory credentials for a Windows domain in plaintext.
Reference
- https://www.exploit-db.com/exploits/48203
- https://www.watchguard.com/wgrd-blog/tdr-ad-helper-credential-disclosure-vulnerability
Metadata
max-request: 1