EIP-2026-102432

PRE-CVE

WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102432. PoCs published by RedTeam Pentesting GmbH.

AI-analyzed exploit summary This is a detailed advisory describing an information disclosure vulnerability in WatchGuard Fireware AD Helper Component. The vulnerability allows unauthenticated attackers to retrieve plaintext Active Directory credentials via an HTTP GET request to the '/domains/list' endpoint.

Description

WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure

Exploits (1)

exploitdb WRITEUP

by RedTeam Pentesting GmbH · textwebappsjava

https://www.exploit-db.com/exploits/48203

View Code ZIP pw:eip

This is a detailed advisory describing an information disclosure vulnerability in WatchGuard Fireware AD Helper Component. The vulnerability allows unauthenticated attackers to retrieve plaintext Active Directory credentials via an HTTP GET request to the '/domains/list' endpoint.

Classification

Writeup 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: WatchGuard Fireware AD Helper Component 5.8.5.10233, < 5.8.5.10317

No auth needed

Prerequisites: Network access to the AD Helper Component's web interface

MITRE ATT&CK

T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026