WatchGuard Support Center

Knowledge Base - Article

000015887
 AP100/AP102/AP200 Chained Vulnerabilities

Tracking ID: AP-242
Status: Resolved
Article Number: 000015887
CVE ID: N/A
Severity: Critical
Through a combination of security weaknesses in the AP100, AP102, and AP200 firmware versions 1.2.9.14 and earlier, an attacker with network access could gain remote access to the AP device. A successful attack requires chaining several vulnerabilities, including:
  • An unprivileged local system account with a default and unchangeable password
  • Improper authentication handling by the native Access Point web UI, which allows authentication using the local system account
To exploit these vulnerabilities, the attacker must have HTTP access to the AP device, which may be reachable from inside the LAN or through an SSID the attacker can associate to.

These vulnerabilities affect the following WatchGuard wireless AP products:
  • AP100
  • AP102
  • AP200
Workaround:

Resolution:
These vulnerabilities are resolved in AP firmware v1.2.9.15 for all three models.

The AP300 is not vulnerable to the same combination of weaknesses, but is also updated to harden it against similar potential exploits. AP firmware v2.0.0.10 includes these updates.Other AP models are not affected by these vulnerabilities.

In addition addressing these vulnerabilities, AP firmware v1.2.9.15 and v2.0.0.10 disables the AP web UI. This local web UI is no longer supported because these AP models can only be managed by Firebox Gateway Wireless Controller.