CVE-2025-12026 WatchGuard Firebox Authenticated Out of Bounds Write in certd

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including...

WatchGuard Fireware OS 安全漏洞

WatchGuard Fireware OS is a software from WatchGuard USA that runs on Firebox. A security vulnerability exists in WatchGuard Fireware OS versions 12.11.4 and earlier and 2025.1.2 and earlier, which stems from a memory corruption that could lead to a denial of service attack...

PT-2025-49165

Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 11.11 through 11.12.4+541730 WatchGuard Fireware OS versions 12.0 through 12.11.4 WatchGuard Fireware OS versions 12.5 through 12.5.13 WatchGuard Fireware OS versions 2025.1 through 2025.1.2 Description A remote...

WordPress FireBox plugin <= 3.1.0-free - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin FireBox versions = 3.1.0-free...

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-9242link is external WatchGuard Firebox Out-of-Bounds Write Vulnerability CVE-2025-12480link is external Gladinet Triofox Improper Access Control...

WatchGuard Firebox Out-of-Bounds Write Vulnerability

WatchGuard Firebox contains an out-of-bounds write vulnerability in the OS iked process that may allow a remote unauthenticated attacker to execute arbitrary code...

CVE-2025-59396

The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative access via SSH on port 4118 with the readwrite password for the admin account...

EUVD-2025-38053

The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative access via SSH on port 4118 with the readwrite password for the admin account...

CVE-2025-59396

Rejected reason: Not a security vulnerability...

CVE-2025-59396

CVE-2025-59396 is associated with a default-configuration vulnerability in WatchGuard Firebox devices. The exposed detail from connected documents shows that the default SSH port 4118 permits administrative access using the default admin:readwrite credentials, enabling unauthenticated remote cont...

PT-2025-45340

Name of the Vulnerable Software and Affected Versions WatchGuard Firebox versions through 2025-09-10 Description The default configuration of WatchGuard Firebox devices allows administrative access via SSH on port 4118 using the default 'readwrite' password for the 'admin' account. This allows...

CVE-2025-59396

...

CVE-2025-59396

...

编号撤回

WatchGuard Firebox is a WatchGuard company that provides comprehensive network security services, from traditional IPS and GAV to web site/application control and malicious software prevention. This CVE number has been withdrawn...

Exploit for CVE-2025-59396

PoC exploit for CVE-2025-59396, an exploit targeting a default c...

📄 WatchGuard Firebox Default Credentials / SSH Access

The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative access via SSH on port 4118 using the default credentials. This configuration exposes the device to remote attackers who can gain full administrative access without prior authentication. CVE-2025-5939...

CVE-2025-4106

An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command. This issue affects Fireware OS: from 12.0...

CVE-2025-4106

CVE-2025-4106 is a vulnerability in WatchGuard Fireware OS where an authenticated admin who has access to both the WebUI and the CLI can enable a diagnostic debug shell by uploading a platform/version-specific diagnostic package and executing a leftover diagnostic command. Affected versions are F...

CVE-2025-4106 WatchGuard Firebox leftover debug code vulnerability

An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command. This issue affects Fireware OS: from 12.0...

CVE-2025-4106 WatchGuard Firebox leftover debug code vulnerability

An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command. This issue affects Fireware OS: from 12.0...