Lucene search
K

470 matches found

ATTACKERKB
ATTACKERKB
added 3 days ago6 views

CVE-2026-13375

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Autotask Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13938. This issue affects Fireware O...

4.8CVSS5.7AI score0.00258EPSS
Exploits0References2Affected Software1
CVE
CVE
added 3 days ago9 views

CVE-2026-13374

CVE-2026-13374 is a stored XSS vulnerability in WatchGuard Fireware OS (ConnectWise Technology Integration module). It affects Fireware OS versions 12.4–12.12, 12.5–12.5.18, and 2025.1–2026.2. The issue stems from improper neutralization of input during web page generation, allowing stored cross-...

4.8CVSS5.7AI score0.00258EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago34 views

CVE-2026-13374 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in ConnectWise Technology Integration Configuration

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS ConnectWise Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13937. This issue affects Firewar...

4.8CVSS0.00258EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago3 views

CVE-2026-13374

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS ConnectWise Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13937. This issue affects Firewar...

4.8CVSS5.7AI score0.00258EPSS
Exploits0References3Affected Software1
CVE
CVE
added 3 days ago9 views

CVE-2026-13373

WatchGuard Fireware OS Tigerpaw Technology Integration module is affected by CVE-2026-13373, exposing a Stored Cross-Site Scripting (XSS) vulnerability. The issue arises from improper neutralization of input during web page generation, enabling stored XSS in affected Fireware versions: 12.4–12.12...

4.8CVSS5.7AI score0.00258EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-13373

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Tigerpaw Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13936. This issue affects Fireware O...

4.8CVSS5.7AI score0.00258EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 3 days ago3 views

CVE-2026-13371

An authenticated administrator can trigger a denial-of-service condition in the Fireware Management Web UI by sending malformed or crafted data to the putdata endpoint, which performs unsafe deserialization of the attacker-supplied input...

6.9CVSS5.8AI score0.00273EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/02 10:54 p.m.5 views

CVE-2026-3987

A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...

8.6CVSS6.2AI score0.00588EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/02 12:31 a.m.8 views

EUVD-2026-18090

A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...

8.6CVSS6.2AI score0.00588EPSS
Exploits0References2
NVD
NVD
added 2026/04/01 10:16 p.m.8 views

CVE-2026-3987

A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...

8.6CVSS0.00588EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/01 9:32 p.m.1 views

CVE-2026-3987 WatchGuard Firebox Arbitrary File Write vis Path Traversal in Fireware Web UI

A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...

8.6CVSS6.2AI score0.00588EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/01 9:32 p.m.6 views

CVE-2026-3987

A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...

8.6CVSS6.2AI score0.00588EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/01 9:32 p.m.20 views

CVE-2026-3987 WatchGuard Firebox Arbitrary File Write vis Path Traversal in Fireware Web UI

A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...

8.6CVSS0.00588EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 9:32 p.m.16 views

CVE-2026-3987

CVE-2026-3987 describes a path traversal vulnerability in the Fireware OS Web UI of WatchGuard Firebox systems. A privileged, authenticated remote attacker could trigger arbitrary code execution within an elevated system process. Affected are Fireware OS versions 12.6.1 through 12.11.8 and 2025.1...

8.6CVSS6.2AI score0.00588EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.7 views

WatchGuard Firebox Fireware OS 安全漏洞

WatchGuard Firebox Fireware OS is an operating system developed by the American company WatchGuard, designed to provide security protection and traffic control capabilities for firewall devices. Vulnerabilities exist in versions 12.6.1 to 12.11.8, as well as in versions 2025.1 to 2026.1.2 of...

8.6CVSS6.2AI score0.00588EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.13 views

PT-2026-29637

A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and...

8.6CVSS6.2AI score0.00588EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/31 5:0 p.m.6 views

CVE-2026-4315

A Cross-Site Request Forgery CSRF vulnerability in the WatchGuard Fireware OS WebUI could allow a remote attacker to trigger a denial-of-service DoS condition in the Fireware Web UI by convincing an authenticated administrator into visiting a malicious web page.This issue affects Fireware OS: 11....

7.1CVSS5.9AI score0.00223EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/31 5:0 p.m.4 views

CVE-2026-4266

An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another vulnerability to execute arbitrary code in the context of the portald user.This issue affects Fireware OS: 12.1 through 12.11.8 and 2025.1...

8.4CVSS6.2AI score0.00286EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/30 3:32 p.m.5 views

EUVD-2026-17081

A Cross-Site Request Forgery CSRF vulnerability in the WatchGuard Fireware OS WebUI could allow a remote attacker to trigger a denial-of-service DoS condition in the Fireware Web UI by convincing an authenticated administrator into visiting a malicious web page.This issue affects Fireware OS: 11....

7.1CVSS5.9AI score0.00223EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/30 3:32 p.m.3 views

EUVD-2026-17079

An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another vulnerability to execute arbitrary code in the context of the portald user.This issue affects Fireware OS: 12.1 through 12.11.8 and 2025.1...

8.4CVSS6.2AI score0.00286EPSS
Exploits0References2
Rows per page
Query Builder