Remote Command Execution Vulnerability in WatchGuard XCS
CVE-2015-5453

Currently unrated

Key Information:

Vendor: Watchguard
Status: Xcs
Vendor: CVE Published:; 8 July 2015

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 69%

Summary

WatchGuard XCS versions 9.2 and 10.0 prior to build 150522 are susceptible to a remote command execution vulnerability. This issue allows authenticated remote users to execute arbitrary commands on the system by injecting shell metacharacters into the 'id' parameter accessed via ADMIN/mailqueue.spl. This breach can lead to unauthorized access, posing significant risks to the integrity and confidentiality of the affected systems. Administrators are strongly advised to apply the available security updates to mitigate this risk.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Metasploit exploit module for CVE-2015-5453
Created by Rapid7

References

http://www.watchguard.com/support/release-notes/xcs/9/en-...

x_refsource_CONFIRM

https://www.exploit-db.com/exploits/38346/

exploitx_refsource_EXPLOIT-DB

http://packetstormsecurity.com/files/132498/Watchguard-XC...

x_refsource_MISC

EPSS Score

69% chance of being exploited in the next 30 days.

Timeline

🟡
Public PoC available
Sep 16, 2015
👾
Exploit known to exist
Sep 16, 2015
Vulnerability published
Jul 8, 2015
Vulnerability Reserved
Jul 8, 2015