222 matches found
CVE-2026-3987
A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...
EUVD-2026-18090
A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...
CVE-2026-3987
A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...
CVE-2026-3987 WatchGuard Firebox Arbitrary File Write vis Path Traversal in Fireware Web UI
A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...
CVE-2026-3987
A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...
WatchGuard Firebox Fireware OS 安全漏洞
WatchGuard Firebox Fireware OS is an operating system developed by the American company WatchGuard, designed to provide security protection and traffic control capabilities for firewall devices. Vulnerabilities exist in versions 12.6.1 to 12.11.8, as well as in versions 2025.1 to 2026.1.2 of...
PT-2026-29637
A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...
CVE-2026-4315
A Cross-Site Request Forgery CSRF vulnerability in the WatchGuard Fireware OS WebUI could allow a remote attacker to trigger a denial-of-service DoS condition in the Fireware Web UI by convincing an authenticated administrator into visiting a malicious web page.This issue affects Fireware OS: 11....
CVE-2026-4266
An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another vulnerability to execute arbitrary code in the context of the portald user.This issue affects Fireware OS: 12.1 through 12.11.8 and 2025.1...
EUVD-2026-17081
A Cross-Site Request Forgery CSRF vulnerability in the WatchGuard Fireware OS WebUI could allow a remote attacker to trigger a denial-of-service DoS condition in the Fireware Web UI by convincing an authenticated administrator into visiting a malicious web page.This issue affects Fireware OS: 11....
CVE-2026-4315
A Cross-Site Request Forgery CSRF vulnerability in the WatchGuard Fireware OS WebUI could allow a remote attacker to trigger a denial-of-service DoS condition in the Fireware Web UI by convincing an authenticated administrator into visiting a malicious web page.This issue affects Fireware OS: 11....
CVE-2026-4266
CVE-2026-4266 describes an insecure deserialization in WatchGuard Fireware OS. Affects Fireware OS versions 12.1–12.11.8 and 2025.1–2026.1.2; Firebox platforms without Access Portal (e.g., T-15, T-35) are not affected. The vulnerability allows an attacker who has obtained write access to the loca...
CVE-2026-4266 WatchGuard Firebox Insecure Deserialization in Fireware Access Portal
An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another vulnerability to execute arbitrary code in the context of the portald user.This issue affects Fireware OS: 12.1 through 12.11.8 and 2025.1...
PT-2026-29023
I’ve added a new entry to my CVE list , CVE number 1️⃣ 3️⃣ . CVE-2026-4315 The issue is a Cross-Site Request Forgery CSRF in the Fireware OS Web UI that can allow a remote attacker to trigger a denial-of-service DoS condition by luring an authenticated administrator into visiting a malicious page...
WatchGuard Fireware OS 安全漏洞
WatchGuard Fireware OS is a software operated by the American company WatchGuard, running on Firebox devices. Vulnerabilities exist in versions 11.8 to 11.12.4+541730, 12.0 to 12.11.8, and 2025.1 to 2026.1.2 of WatchGuard Fireware OS. The vulnerability stems from cross-site request forgery in the...
WatchGuard Fireware OS 安全漏洞
WatchGuard Fireware OS is a software operated by the American company WatchGuard, running on Firebox devices. Versions 12.1 to 12.11.8 and 2025.1 to 2026.1.2 of WatchGuard Fireware OS contain security vulnerabilities due to insecure deserialization, which may allow arbitrary code to be executed i...
📄 WatchGuard Firebox Default SSH Credentials
This is a python script to detect whether or not WatchGuard Firebox devices allow unauthorized access via default credentials admin:readwrite on port 4118. =============================================================================================================================================...
CVE-2026-3343
A reflected cross-site scripting XSS vulnerability in the Fireware OS Web UI enabled execution of malicious JavaScript in the context of an authenticated management user's browser when they click on a specially crafted link. This vulnerability affects Fireware OS 12.7 up to and including 12.11.7...
CVE-2026-3342
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissions via an exposed management interface. This vulnerability affects Fireware OS 11.9 up to and including 11.12.4Update1, 12.0 up to and...
CVE-2026-3344
A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and maintain limited persistence via a maliciously-crafted firmware update package.This issue affects Fireware OS 12.0 up to and including 12.11.7, 12.5.9 up to and including...