Lucene search
K

35 matches found

Cvelist
Cvelist
added 2025/12/04 9:45 p.m.24 views

CVE-2025-13936 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Tigerpaw Technology Integration Configuration

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Tigerpaw Technology Integration module allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 ...

4.8CVSS0.00156EPSS
Exploits0References1
CVE
CVE
added 2025/12/04 9:43 p.m.15 views

CVE-2025-12195

CVE-2025-12195 describes an out-of-bounds write vulnerability in the WatchGuard Fireware OS CLI. An authenticated privileged user can trigger arbitrary code execution by sending specially crafted IPSec configuration CLI commands. Affected versions span Fireware OS 11.0–11.12.4+541730, 12.0–12.11....

8.6CVSS6.9AI score0.00589EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/04 12:0 a.m.4 views

PT-2025-49166

Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 12.0 through 12.5.12+701324 WatchGuard Fireware OS versions 12.6 through 12.11.2 Description A stack-based buffer overflow exists in the certificate request command of WatchGuard Fireware OS. An authenticated...

7.5CVSS7.7AI score0.00245EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/24 12:0 a.m.7 views

WatchGuard Fireware OS 安全漏洞

WatchGuard Fireware OS is a software from WatchGuard USA that runs on Firebox. A security vulnerability exists in WatchGuard Fireware OS version 12.0 through versions prior to 12.11.2, which originates from an administrator user being able to enable a debug shell by uploading a specific diagnosti...

8.9CVSS6.9AI score0.00293EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/24 12:0 a.m.8 views

PT-2025-43675

Name of the Vulnerable Software and Affected Versions Fireware OS versions prior to 12.11.2 Description An authenticated administrator user with access to both the management WebUI and command line interface on a Firebox device can enable a diagnostic debug shell. This is achieved by uploading a...

8.9CVSS6.6AI score0.00293EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/09/17 10:45 p.m.7 views

CVE-2025-6947

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS allows Stored XSS via the SIP Proxy module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects Firebox...

4.8CVSS5.4AI score0.00341EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/15 9:18 p.m.4 views

CVE-2025-6947 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in SIP Proxy Configuration

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS allows Stored XSS via the SIP Proxy module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects Firebox...

4.8CVSS5AI score0.00341EPSS
Exploits0References1
CVE
CVE
added 2025/09/15 9:18 p.m.20 views

CVE-2025-6947

CVE-2025-6947 affects WatchGuard Fireware OS running on Firebox. The issue is a Stored Cross-Site Scripting (XSS) vulnerability in the SIP Proxy module caused by improper input neutralization during web page generation. Exploitation requires an authenticated administrator session to a locally man...

4.8CVSS5AI score0.00341EPSS
Exploits0References1
OSV
OSV
added 2022/09/06 7:15 p.m.4 views

CVE-2022-31789

An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious request to exposed management ports. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...

9.8CVSS6.4AI score0.01516EPSS
Exploits0References1
OSV
OSV
added 2022/09/06 7:15 p.m.5 views

CVE-2022-31791

WatchGuard Firebox and XTM appliances allow a local attacker that has already obtained shell access to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...

7.8CVSS5.9AI score0.00214EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/09/06 7:15 p.m.4 views

CVE-2022-31791

WatchGuard Firebox and XTM appliances allow a local attacker that has already obtained shell access to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...

7.8CVSS5.6AI score0.00214EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/08/31 12:0 a.m.4 views

PT-2022-20933 · Watchguard · Fireware Os +2

Name of the Vulnerable Software and Affected Versions: WatchGuard Firebox and XTM appliances versions prior to 12.1.4 WatchGuard Firebox and XTM appliances versions prior to 12.5.10 WatchGuard Firebox and XTM appliances versions prior to 12.8.1 Description: An integer overflow allows an...

9.8CVSS9.9AI score0.01516EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/06/07 12:0 a.m.5 views

WatchGuard Firebox 安全漏洞

WatchGuard Firebox is a US-based WatchGuard company that provides a comprehensive range of Internet security services, from traditional IPS and GAV, to website/application control and malicious software prevention. A security vulnerability exists in WatchGuard Firebox and XTM. A remote attacker...

9.1CVSS8.4AI score0.01209EPSS
Exploits0References3
OSV
OSV
added 2022/03/04 6:15 p.m.3 views

CVE-2022-26318

On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8, and 12.2.x through 12.5.x before 12.5.9U2...

9.8CVSS6AI score0.78303EPSS
Exploits6References2
OSV
OSV
added 2022/02/24 3:15 p.m.4 views

CVE-2022-25290

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to retrieve certificate private keys. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8, and 12.2.x through 12.5.x before 12.5.9U2...

6.5CVSS5.8AI score0.00688EPSS
Exploits0References1
Rows per page
Query Builder