223 matches found
PT-2025-38127
Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 11.10.2 through 11.12.4 Update1 WatchGuard Fireware OS versions 12.0 through 12.11.3 WatchGuard Fireware OS version 2025.1 Description An out-of-bounds write vulnerability exists in WatchGuard Fireware OS,...
CVE-2025-6999
An HTTP Request Smuggling CWE-444 vulnerability in the Authentication portal of WatchGuard Fireware OS allows a remote attacker to evade request parameter sanitation and perform a reflected self-Cross-Site Scripting XSS attack.This issue affects Fireware OS: from 12.0 through 12.11.2...
PT-2025-37770
Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 12.0 through 12.11.2 Description A Stored Cross-site Scripting XSS issue exists within the SIP Proxy module of WatchGuard Fireware OS. Exploitation requires an authenticated administrator session to a locally...
WatchGuard Fireware OS 安全漏洞
WatchGuard Fireware OS is a software from WatchGuard USA that runs on Firebox. A security vulnerability exists in WatchGuard Fireware OS versions 12.0 through 12.11.2, which stems from the presence of HTTP request entrapment techniques in the authentication portal, which could lead to a reflectiv...
PT-2025-37771
Name of the Vulnerable Software and Affected Versions: WatchGuard Fireware OS versions 12.0 through 12.11.2 Description: An HTTP Request Smuggling vulnerability exists in the Authentication portal of WatchGuard Fireware OS, allowing a remote attacker to evade request parameter sanitation and...
CVE-2020-10532
The AD Helper component in WatchGuard Fireware before 5.8.5.10317 allows remote attackers to discover cleartext passwords via the /domains/list URI...
CVE-2017-8056
WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity XXE, in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new...
CVE-2017-8055
WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank password sent to the XML-RPC agent in Fireware v11.12.1 and earlier returns different responses for valid and invalid usernames. An attacker could exploit this...
CVE-2025-4804
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS allows Stored XSS via the spamBlocker module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects...
CVE-2025-4805
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS allows Stored XSS. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects Fireware OS: from 12.0 through...
CVE-2025-4804
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS allows Stored XSS via the spamBlocker module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects...
CVE-2025-4805
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS allows Stored XSS. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects Fireware OS: from 12.0 through...
CVE-2025-4805
CVE-2025-4805 describes a stored XSS vulnerability in WatchGuard Fireware OS (Firebox). The issue arises from improper input neutralization during web page generation, allowing stored XSS when an authenticated administrator session to a locally managed Firebox is present. Affected versions are Fi...
PT-2025-21757
Name of the Vulnerable Software and Affected Versions: WatchGuard Fireware OS versions 12.0 through 12.1.1 is incorrect, the correct range is: WatchGuard Fireware OS versions 12.0 through 12.11.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, als...
WatchGuard Fireware OS 跨站脚本漏洞
WatchGuard Fireware OS is a software from WatchGuard, Inc. that runs on Firebox. A cross-site scripting vulnerability exists in WatchGuard Fireware OS versions 12.0 through 12.11.1, which stems from improper input neutralization and could lead to stored cross-site scripting...
PT-2025-21756 · Watchguard · Watchguard Fireware
Name of the Vulnerable Software and Affected Versions: WatchGuard Fireware OS versions 12.0 through 12.1.1 is incorrect, the correct range is: WatchGuard Fireware OS versions 12.0 through 12.11.1 Description: The issue is related to an Improper Neutralization of Input During Web Page Generation,...
WatchGuard Fireware OS 跨站脚本漏洞
WatchGuard Fireware OS is a software from WatchGuard USA that runs on Firebox. A cross-site scripting vulnerability exists in WatchGuard Fireware OS versions 12.0 through 12.11.1, which stems from improper input neutralization in the spamBlocker module and could lead to stored cross-site scriptin...
CVE-2025-1239
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS allows Stored XSS via the Blocked Sites list. This vulnerability requires an authenticated administrator session to a locally managed Firebox.This issue affects Firewa...
CVE-2025-0178
Improper Input Validation vulnerability in WatchGuard Fireware OS allows an attacker to manipulate the value of the HTTP Host header in requests sent to the Web UI. An attacker could exploit this vulnerability to redirect users to malicious websites, poison the web cache, or inject malicious...
CVE-2025-1239
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS allows Stored XSS via the Blocked Sites list. This vulnerability requires an authenticated administrator session to a locally managed Firebox.This issue affects Firewa...