EUVD-2026-18090

A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...

CVE-2026-3987 WatchGuard Firebox Arbitrary File Write vis Path Traversal in Fireware Web UI

A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...

CVE-2026-3987

CVE-2026-3987 describes a path traversal vulnerability in the Fireware OS Web UI of WatchGuard Firebox systems. A privileged, authenticated remote attacker could trigger arbitrary code execution within an elevated system process. Affected are Fireware OS versions 12.6.1 through 12.11.8 and 2025.1...

PT-2026-29637

A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...

EUVD-2026-17081

A Cross-Site Request Forgery CSRF vulnerability in the WatchGuard Fireware OS WebUI could allow a remote attacker to trigger a denial-of-service DoS condition in the Fireware Web UI by convincing an authenticated administrator into visiting a malicious web page.This issue affects Fireware OS: 11....

CVE-2026-4266

An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another vulnerability to execute arbitrary code in the context of the portald user.This issue affects Fireware OS: 12.1 through 12.11.8 and 2025.1...