- Description
- Multiple untrusted search path vulnerabilities in (1) Watchguard Log Collector (wlcollector.exe) and (2) Watchguard WebBlocker Server (wbserver.exe) in WatchGuard Server Center 11.7.4, 11.7.3, and possibly earlier allow local users to gain privileges via a Trojan horse wgpr.dll file in the application's bin directory.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
- nvd@nist.gov
- CWE-264
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:watchguard:server_center:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "81F2DFE5-A59F-4E7E-9ECD-790082748033",
"versionEndIncluding": "11.7.4"
},
{
"criteria": "cpe:2.3:a:watchguard:server_center:11.7.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55B9CA2D-E4F8-463A-B07E-09BA36E5A06F"
}
],
"operator": "OR"
}
]
}
]