58 matches found
WatchGuard Fireware OS 安全漏洞
WatchGuard Fireware OS is a software operated by the American company WatchGuard, running on Firebox devices. Versions 12.1 to 12.11.8 and 2025.1 to 2026.1.2 of WatchGuard Fireware OS contain security vulnerabilities due to insecure deserialization, which may allow arbitrary code to be executed i...
CVE-2026-3342
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissions via an exposed management interface. This vulnerability affects Fireware OS 11.9 up to and including 11.12.4Update1, 12.0 up to and...
CVE-2026-3342 WatchGuard Firebox Out of Bounds Write Vulnerability
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissions via an exposed management interface. This vulnerability affects Fireware OS 11.9 up to and including 11.12.4Update1, 12.0 up to and...
EUVD-2026-9288
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissions via an exposed management interface. This vulnerability affects Fireware OS 11.9 up to and including 11.12.4Update1, 12.0 up to and...
WatchGuard Fireware OS 安全漏洞
WatchGuard Fireware OS is a software operated by the American company WatchGuard, running on Firebox devices. Vulnerabilities exist in versions 11.9 to 11.12.4Update1, 12.0 to 12.11.7, and 2025.1 to 2026.1.1 of WatchGuard Fireware OS. These vulnerabilities stem from out-of-bound writing, allowing...
PT-2026-22734
A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and maintain limited persistence via a maliciously-crafted firmware update package.This issue affects Fireware OS 12.0 up to and including 12.11.7, 12.5.9 up to and including...
CVE-2026-1498
An LDAP Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from a connected LDAP authentication server through an exposed authentication or management web interface. This vulnerability may also allow a remote attacker to...
CVE-2026-1498 WatchGuard Firebox LDAP Injection
An LDAP Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from a connected LDAP authentication server through an exposed authentication or management web interface. This vulnerability may also allow a remote attacker to...
CVE-2025-14733
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability...
CVE-2025-14733
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability...
VulnCheck KEV: CVE-2025-14733
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability...
PT-2025-52395
Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 11.10.2 through 11.12.4 Update1 WatchGuard Fireware OS versions 12.0 through 12.11.5 WatchGuard Fireware OS versions 2025.1 through 2025.1.3 Description An out-of-bounds write vulnerability exists in the iked...
CVE-2025-12026
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including...
CVE-2025-12196
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up ...
CVE-2025-13938
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Autotask Technology Integration module allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 ...
EUVD-2025-201300
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Gateway Wireless Controller module allows Stored XSS.This issue affects Fireware OS 11.7.2 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 u...
EUVD-2025-201299
An Expected Behavior Violation CWE-440 vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS boot time system integrity check and prevent the Firebox from shutting down in the event of a system integrity check failure. The on-demand system integrity check in the...
CVE-2025-1547
A stack-based buffer overflow vulnerability CWE-121 in WatchGuard Fireware OS's certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This issue affects Fireware OS: from 12.0 through 12.5.12+701324, from 12.6 through...
CVE-2025-12196
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up ...
CVE-2025-13938
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Autotask Technology Integration module allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 ...