EUVD-2026-5033

🗓️ 30 Jan 2026 13:02:59Reported by EUVDType

LDAP Injection in WatchGuard Fireware OS allows unauthenticated access to LDAP data and login with a partial identifier if the passphrase is known.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-1498	30 Jan 202613:02	–	attackerkb
Circl	CVE-2026-1498	30 Jan 202615:38	–	circl
CNNVD	WatchGuard Fireware OS security vulnerabilities	30 Jan 202600:00	–	cnnvd
CVE	CVE-2026-1498	30 Jan 202613:02	–	cve
Cvelist	CVE-2026-1498 WatchGuard Firebox LDAP Injection	30 Jan 202613:02	–	cvelist
NVD	CVE-2026-1498	30 Jan 202613:15	–	nvd
Positive Technologies	PT-2026-5396	30 Jan 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-1498	31 Jan 202615:21	–	redhatcve
Vulnrichment	CVE-2026-1498 WatchGuard Firebox LDAP Injection	30 Jan 202613:02	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "1848cbd3-8a6c-3142-8d6d-5403512dbb52",
        "vendor": {
          "name": "WatchGuard"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "37ef302e-c953-3e0f-b7e0-3c79c2740a4b",
        "product": {
          "name": "Fireware OS"
        },
        "product_version": "12.5 ≤12.5.15"
      },
      {
        "id": "7612dfde-b8af-3aa4-9ca8-634fa0621169",
        "product": {
          "name": "Fireware OS"
        },
        "product_version": "2025.1 ≤2026.0"
      },
      {
        "id": "f795028e-ac66-3d84-aeb8-3d8daf7ef5a6",
        "product": {
          "name": "Fireware OS"
        },
        "product_version": "12.0 ≤12.11.6"
      }
    ]
  }
]

Source	Link
watchguard	www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00001

30 Jan 2026 13:02Current

5.9Medium risk

Vulners AI Score5.9

CVSS 47

EPSS0.001