Very nice writeup, some really interesting bugs! ## Tweets - https://twitter.com/cfreal_/status/1564256641125605376 <blockquote class="twitter-tweet"><p lang="en" dir="ltr">As promised, here&#39;s the blogpost describing the journey that landed us pre-auth <a href="https://twitter.com/hashtag/RCE?src=hash&amp;ref_src=twsrc%5Etfw">#RCE</a> on <a href="https://twitter.com/watchguard?ref_src=twsrc%5Etfw">@watchguard</a> firewalls. Most of the bugs are binary, but there&#39;s also a time-based XPath injection for web folks ! <a href="https://t.co/xsoewB11Nx">https://t.co/xsoewB11Nx</a></p>&mdash; Charles Fol (@cfreal_) <a href="https://twitter.com/cfreal_/status/1564256641125605376?ref_src=twsrc%5Etfw">August 29, 2022</a></blockquote> ## Links - https://www.ambionics.io/blog/hacking-watchguard-firewalls