Lucene search
K

267 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:46 a.m.9 views

CVE-2022-31790

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...

7.5CVSS7.2AI score0.01533EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:46 a.m.8 views

CVE-2022-31789

An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...

9.8CVSS8.4AI score0.01516EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:42 a.m.12 views

CVE-2022-26318

On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8, and 12.2.x through 12.5.x before 12.5.9U2...

9.8CVSS7.5AI score0.78303EPSS
Exploits6References1
RedhatCVE
RedhatCVE
added 2025/12/20 12:13 a.m.11 views

CVE-2025-14733

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability...

9.8CVSS7.7AI score0.18047EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2025/12/19 11:23 a.m.19 views

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

WatchGuard has released fixes to address a critical security flaw in Fireware OS that it said has been exploited in real-world attacks. Tracked as CVE-2025-14733 CVSS score: 9.3, the vulnerability has been described as a case of out-of-bounds write affecting the iked process that could allow a...

9.8CVSS8.3AI score0.8637EPSS
Exploits4
NVD
NVD
added 2025/12/19 1:16 a.m.14 views

CVE-2025-14733

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability...

9.8CVSS0.18047EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/19 12:1 a.m.31 views

CVE-2025-14733 WatchGuard Firebox iked Out of Bounds Write Vulnerability

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability...

9.3CVSS0.18047EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2025/12/19 12:0 a.m.7 views

VulnCheck KEV: CVE-2025-14733

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability...

9.8CVSS6.1AI score0.18047EPSS
In wildExploits1References8
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.5 views

WatchGuard Fireware OS 安全漏洞

WatchGuard Fireware OS is a software from WatchGuard USA that runs on a Firebox. A security vulnerability exists in WatchGuard Fireware OS versions 11.10.2 through 11.12.4Update1, 12.0 through 12.11.5, and 2025.1 through 2025.1.3, which originates from an out-of-bounds write and could lead to the...

9.8CVSS7.3AI score0.18047EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.5 views

PT-2025-52395

Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 11.10.2 through 11.12.4 Update1 WatchGuard Fireware OS versions 12.0 through 12.11.5 WatchGuard Fireware OS versions 2025.1 through 2025.1.3 Description An out-of-bounds write vulnerability exists in the iked...

10CVSS8AI score0.18047EPSS
Exploits1References122
RedhatCVE
RedhatCVE
added 2025/12/05 10:33 p.m.5 views

CVE-2025-1545

An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration through an exposed authentication or management web interface. This vulnerability only affects Firebox systems that have at least...

8.2CVSS7.3AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/05 10:33 p.m.5 views

CVE-2025-13936

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Tigerpaw Technology Integration module allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 ...

6.1CVSS6.2AI score0.00156EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/05 10:33 p.m.5 views

CVE-2025-12026

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including...

8.6CVSS7.8AI score0.00392EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/05 10:33 p.m.5 views

CVE-2025-13938

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Autotask Technology Integration module allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 ...

6.1CVSS6.2AI score0.00156EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/05 10:33 p.m.7 views

CVE-2025-12196

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up ...

8.6CVSS7.6AI score0.0053EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/05 10:33 p.m.6 views

CVE-2025-13940

An Expected Behavior Violation CWE-440 vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS boot time system integrity check and prevent the Firebox from shutting down in the event of a system integrity check failure. The on-demand system integrity check in the...

6.7CVSS6.9AI score0.00107EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/05 12:31 a.m.5 views

EUVD-2025-201304

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up ...

8.6CVSS7.1AI score0.0053EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/05 12:31 a.m.5 views

EUVD-2025-201300

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Gateway Wireless Controller module allows Stored XSS.This issue affects Fireware OS 11.7.2 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 u...

4.8CVSS5.7AI score0.00156EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/05 12:31 a.m.5 views

EUVD-2025-201303

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Tigerpaw Technology Integration module allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 ...

4.8CVSS5.7AI score0.00156EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/05 12:31 a.m.7 views

EUVD-2025-201297

An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration through an exposed authentication or management web interface. This vulnerability only affects Firebox systems that have at least...

8.2CVSS6.8AI score0.00417EPSS
Exploits0References2
Rows per page
Query Builder