CVE-2022-26318
is CVE-2022-26318real, exploitable, or a false positive? Here's the community ground truth.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
References
Published
Embed this verdict
[](https://www.truepositive.app/cve/CVE-2022-26318)<a href="https://www.truepositive.app/cve/CVE-2022-26318"><img src="https://www.truepositive.app/cve/CVE-2022-26318/badge.svg" alt="TruePositive verdict for CVE-2022-26318"></a>Live badge — updates automatically as the community verdict changes.
Community ground truth
Community verdict
3 verdictsIncludes TruePositive's curated baseline from public sources — community verdicts accrue on top.
Pick your verdict — we'll save it right after a quick sign-in.
In line with its CVSS base score.
Field notes & remediation
Verdicts are the quick signal — notes are the evidence and fixes behind them.
- 0
WatchGuard Firebox and XTM Appliances Arbitrary Code Execution — On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code. Listed in the CISA KEV catalog (added 2022-03-25) — confirmed exploited in the wild, not theoretical. FIRST EPSS puts the chance of exploitation in the next 30 days at ~78%. Treat it as real and prioritize remediation over triage.
- 0
Required action for WatchGuard Firebox and XTM Appliances: Apply updates per vendor instructions. CISA set a federal remediation due date of 2022-04-15. After patching, verify the vulnerable path is no longer reachable before closing the finding.
Related CVEs
Same weakness — CWE-122.
- CVE-2021-21017CVSS 8.8KEVEPSS 86%
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
- CVE-2023-27997CVSS 9.8KEVEPSS 86%
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
- CVE-2023-4911CVSS 7.8KEVEPSS 79%
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
- CVE-2024-38812CVSS 9.8KEVEPSS 53%
The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
- CVE-2023-28252CVSS 7.8KEVEPSS 49%
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- CVE-2023-23376CVSS 7.8KEVEPSS 11%
Windows Common Log File System Driver Elevation of Privilege Vulnerability