272 matches found
CVE-2025-1547
WatchGuard Fireware OS has a stack-based buffer overflow in the certificate request CLI command (CWE-121) that could allow an authenticated privileged user to execute arbitrary code. Affected releases: Fireware OS 12.0–12.5.12+701324 and 12.6–12.11.2. Root cause appears to be insufficient bounds ...
CVE-2025-11838 WatchGuard Firebox iked Memory Corruption Vulnerability
A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service DoS condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability affects Fireware O...
CVE-2025-11838 WatchGuard Firebox iked Memory Corruption Vulnerability
A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service DoS condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability affects Fireware O...
CVE-2025-13940 WatchGuard Firebox Boot Time System Integrity Check Bypass
An Expected Behavior Violation CWE-440 vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS boot time system integrity check and prevent the Firebox from shutting down in the event of a system integrity check failure. The on-demand system integrity check in the...
CVE-2025-13940 WatchGuard Firebox Boot Time System Integrity Check Bypass
An Expected Behavior Violation CWE-440 vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS boot time system integrity check and prevent the Firebox from shutting down in the event of a system integrity check failure. The on-demand system integrity check in the...
CVE-2025-13939 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Gateway Wireless Controller
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Gateway Wireless Controller module allows Stored XSS.This issue affects Fireware OS 11.7.2 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 u...
CVE-2025-13939
WatchGuard Fireware OS (Gateway Wireless Controller module) is affected by CVE-2025-13939: a Stored XSS vulnerability caused by improper neutralization of input during web page generation. Affected versions include Fireware OS 11.7.2 through 11.12.4+541730, 12.0 through 12.11.4, 12.5 through 12.5...
CVE-2025-13938 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Autotask Technology Integration Configuration
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Autotask Technology Integration module allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 ...
CVE-2025-13937
CVE-2025-13937 describes a Stored XSS in WatchGuard Fireware OS via the ConnectWise Technology Integration module. The vulnerability results from improper neutralization of input during web page generation, affecting Fireware OS versions 12.4–12.11.4, 12.5–12.5.13, and 2025.1–2025.1.2. The impact...
CVE-2025-13936
The CVE-2025-13936 entry documents a Stored XSS vulnerability in WatchGuard Fireware OS, specifically within the Tigerpaw Technology Integration module. Affected software/versions are Fireware OS 12.4 through 12.11.4, 12.5 through 12.5.13, and 2025.1 through 2025.1.2. The root cause is improper n...
CVE-2025-13936 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Tigerpaw Technology Integration Configuration
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Tigerpaw Technology Integration module allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 ...
CVE-2025-12196
CVE-2025-12196 affects WatchGuard Fireware OS CLI with an authenticated privileged user potentially executing arbitrary code due to an out-of-bounds write. Affected versions are Fireware OS 12.0–12.11.4, 12.5–12.5.13, and 2025.1–2025.1.2. The connected PT-Security advisory provides concrete detai...
CVE-2025-12195 WatchGuard Firebox Authenticated Out of Bounds Write in Management CLI IPSec Configuration
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via specially crafted IPSec configuration CLI commands.This vulnerability affects Fireware OS 11.0 up to and including 11.12.4+541730, 12.0 up to and includi...
CVE-2025-12195 WatchGuard Firebox Authenticated Out of Bounds Write in Management CLI IPSec Configuration
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via specially crafted IPSec configuration CLI commands.This vulnerability affects Fireware OS 11.0 up to and including 11.12.4+541730, 12.0 up to and includi...
CVE-2025-12026
WatchGuard Fireware OS contains an Out-of-bounds Write vulnerability in the certificate request command that can allow an authenticated privileged user to execute arbitrary code via crafted CLI commands. Affected versions include Fireware OS 12.0–12.11.4, 12.5–12.5.13, and 2025.1–2025.1.2. Mitiga...
WatchGuard Fireware OS 安全漏洞
WatchGuard Fireware OS is a software from WatchGuard USA that runs on Firebox. A security vulnerability exists in WatchGuard Fireware OS versions 12.11.4 and earlier and 2025.1.2 and earlier, which stems from a memory corruption that could lead to a denial of service attack...
WatchGuard Fireware OS 安全漏洞
WatchGuard Fireware OS is a software from WatchGuard USA that runs on Firebox. A security vulnerability exists in WatchGuard Fireware OS versions 12.11.4 and earlier, 12.5.13 and earlier, and 2025.1.2 and earlier, which stems from improper input neutralization and could lead to a stored cross-sit...
WatchGuard Fireware OS 安全漏洞
WatchGuard Fireware OS is a software from WatchGuard USA that runs on Firebox. A security vulnerability exists in WatchGuard Fireware OS versions 12.11.4 and earlier, 12.5.13 and earlier, and 2025.1.2 and earlier, which stems from improper input neutralization and could lead to a stored cross-sit...
PT-2025-49155
Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 11.0 through 11.12.4+541730 WatchGuard Fireware OS versions 12.0 through 12.11.4 WatchGuard Fireware OS versions 12.5 through 12.5.13 WatchGuard Fireware OS versions 2025.1 through 2025.1.2 Description An...
WatchGuard Fireware OS 安全漏洞
WatchGuard Fireware OS is a software from WatchGuard USA that runs on a Firebox. A security vulnerability exists in WatchGuard Fireware OS versions 11.11 through 11.12.4+541730 and 12.0 through 12.11.4 and 12.5 through 12.5.13 and 2025.1 through 2025.1.2, which originates from an XPath injection...