Lucene search
K

16 matches found

EUVD
EUVD
added 2026/07/03 12:31 a.m.10 views

EUVD-2026-41457

A null pointer dereference vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to create a denial-of-service DoS condition by sending specially crafted IKEv2 messages. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using...

8.7CVSS5.8AI score0.00495EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/03 12:31 a.m.8 views

EUVD-2026-41462

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS networkd process could allow an authenticated privileged user to execute arbitrary code via a specially crafted requests to the Management Web UI.This vulnerability affects Fireware OS 11.8 up to and including 11.12.4Update1, 12.0 up ...

8.6CVSS6.1AI score0.00439EPSS
Exploits0References2
NVD
NVD
added 2026/07/03 12:16 a.m.10 views

CVE-2026-13377

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-6947. This issue affects Fireware OS 12.0 up to and...

4.8CVSS0.00158EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:5 p.m.18 views

CVE-2026-13375

WatchGuard Fireware OS Autotask Technology Integration module is affected by CVE-2026-13375, a Stored XSS vulnerability. Affected versions are Fireware OS 12.4–12.12, 12.5–12.5.18, and 2025.1–2026.2. Attack vector is NETWORK with low attack complexity and high privileges required; user interactio...

4.8CVSS5.7AI score0.00158EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/02 11:5 p.m.39 views

CVE-2026-13374 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in ConnectWise Technology Integration Configuration

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS ConnectWise Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13937. This issue affects Firewar...

4.8CVSS0.00158EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 11:5 p.m.5 views

CVE-2026-13373

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Tigerpaw Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13936. This issue affects Fireware O...

4.8CVSS5.7AI score0.00158EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/01 9:32 p.m.22 views

CVE-2026-3987

CVE-2026-3987 describes a path traversal vulnerability in the Fireware OS Web UI of WatchGuard Firebox systems. A privileged, authenticated remote attacker could trigger arbitrary code execution within an elevated system process. Affected are Fireware OS versions 12.6.1 through 12.11.8 and 2025.1...

8.6CVSS6.2AI score0.00588EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.9 views

PT-2026-29022

An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another vulnerability to execute arbitrary code in the context of the portald user.This issue affects Fireware OS: 12.1 through 12.11.8 and 2025.1...

8.4CVSS6.2AI score0.00286EPSS
Exploits0References2
OSV
OSV
added 2025/12/04 10:15 p.m.5 views

CVE-2025-1547

A stack-based buffer overflow vulnerability CWE-121 in WatchGuard Fireware OS's certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This issue affects Fireware OS: from 12.0 through 12.5.12+701324, from 12.6 through...

7.2CVSS6.4AI score0.00245EPSS
Exploits0References1
CVE
CVE
added 2025/12/04 9:48 p.m.17 views

CVE-2025-1545

CVE-2025-1545 is a WatchGuard Fireware OS XPath Injection affecting Firebox with at least one authentication hotspot configured. The issue allows remote, unauthenticated retrieval of configuration data via an exposed authentication/management web interface. Affected versions: 11.11–11.12.4+541730...

8.2CVSS6.9AI score0.00417EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/04 9:47 p.m.5 views

CVE-2025-13937 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in ConnectWise Technology Integration Configuration

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS ConnectWise Technology Integration module allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025...

4.8CVSS5.8AI score0.00156EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/04 9:47 p.m.24 views

CVE-2025-13937 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in ConnectWise Technology Integration Configuration

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS ConnectWise Technology Integration module allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025...

4.8CVSS0.00156EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/04 12:0 a.m.5 views

PT-2025-49164

Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 12.8.1 through 12.11.4 WatchGuard Fireware OS versions 2025.1 through 2025.1.2 Description A flaw exists within the Fireware OS that could allow an attacker to circumvent the boot time system integrity check. Th...

6.7CVSS6.5AI score0.00107EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-53180

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01516EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/16 12:0 a.m.6 views

WatchGuard Fireware OS 跨站脚本漏洞

WatchGuard Fireware OS is a software from WatchGuard, Inc. that runs on Firebox. A cross-site scripting vulnerability exists in WatchGuard Fireware OS versions 12.0 through 12.11.1, which stems from improper input neutralization and could lead to stored cross-site scripting...

4.8CVSS5.8AI score0.0036EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/08/31 12:0 a.m.5 views

PT-2022-20935 · Watchguard · Fireware Os +2

Name of the Vulnerable Software and Affected Versions: WatchGuard Firebox and XTM appliances versions prior to 12.1.4 WatchGuard Firebox and XTM appliances versions prior to 12.5.10 WatchGuard Firebox and XTM appliances versions prior to 12.8.1 Description: The issue allows an unauthenticated...

7.5CVSS7.7AI score0.01533EPSS
Exploits1References7
Rows per page
Query Builder