52 matches found
CVE-2022-23176
CVE-2022-23176 affects WatchGuard Firebox and XTM appliances running Fireware OS. The vulnerability allows a remote attacker with unprivileged credentials to access the system with a privileged management session through exposed management access. Affected versions include Fireware OS before 12.7...
CVE-2022-26318
This CVE (CVE-2022-26318) affects WatchGuard XTM/Firebox appliances running Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2, enabling unauthenticated remote code execution via the admin interface. Technical details in connected docs show in-the-wild...
CVE-2025-14733
WatchGuard Fireware OS is affected by CVE-2025-14733 (Out-of-bounds Write in the iked process) that enables remote unauthenticated code execution when Mobile User VPN (IKEv2) or Branch Office VPN (IKEv2) is configured with a dynamic gateway peer. Affected versions include Fireware OS 11.10.2–11.1...
CVE-2022-31791
WatchGuard Firebox and XTM appliances are affected by CVE-2022-31791, a local privilege escalation that, after an attacker gains shell access, allows execution of code with root privileges. Affected devices run Fireware OS with vulnerable configurations prior to fixed versions: 12.1.4, 12.5.10, a...
CVE-2016-6154
The CVE-2016-6154 entry concerns Watchguard Fireware 11.11 OS, where the authentication applet is vulnerable to reflected XSS and can cause an open redirect. Multiple sources (NVD, CNVD, CVE listings) corroborate this, noting the vulnerability in the authentication component without providing exp...
CVE-2022-25293
CVE-2022-25293 affects WatchGuard Firebox and XTM appliances running Fireware OS with a stack-based buffer overflow in systemd. The vulnerability allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. Affected ...
CVE-2022-25292
CVE-2022-25292 corresponds to a stack-based buffer overflow in WatchGuard’s wgagent component used by Firebox and XTM appliances. The vulnerability allows an authenticated remote attacker to execute arbitrary code by initiating a firmware update with a malicious upgrade image. Affected versions i...
CVE-2022-25360
CVE-2022-25360 affects WatchGuard Firebox and XTM appliances running Fireware OS. An authenticated remote attacker with unprivileged credentials can upload files to arbitrary locations. Affected versions include Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before...
CVE-2022-25290
CVE-2022-25290 affects WatchGuard Firebox and XTM appliances running Fireware OS. An authenticated remote attacker with unprivileged credentials can retrieve certificate private keys. Affected versions include Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 1...
CVE-2022-31790
Observation: CVE-2022-31790 affects WatchGuard Firebox and XTM appliances. The issue allows an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. Affected products/versions (per sources): WatchGu...
CVE-2022-25291
WatchGuard Firebox and XTM appliances are affected by CVE-2022-25291 due to an integer overflow that can trigger a heap-based buffer overflow when processing a firmware upgrade image. Exploitation requires authentication and could lead to arbitrary code execution on vulnerable Fireware OS version...
CVE-2022-31792
CVE-2022-31792 is a stored XSS vulnerability in the management web interface of WatchGuard Firebox and XTM appliances. A remote attacker can execute arbitrary JavaScript by sending crafted requests to exposed management ports. Affected products are WatchGuard Firebox and XTM appliances with versi...
CVE-2022-25363
WatchGuard Firebox and XTM appliances are affected by CVE-2022-25363 where an authenticated remote attacker with unprivileged credentials can modify privileged management user credentials. Affected: Fireware OS versions before 12.7.2_U2; 12.x before 12.1.3_U8; 12.2.x through 12.5.x before 12.5.9_...
CVE-2025-0178
The CVE-2025-0178 issue affects WatchGuard Fireware OS Web UI, where improper input validation allows manipulation of the HTTP Host header. The vulnerability could enable redirection to malicious sites, web cache poisoning, or injection of malicious JavaScript into responses. Affected range is Fi...
CVE-2022-25361
CVE-2022-25361 affects WatchGuard Firebox and XTM appliances running Fireware OS. An unauthenticated remote attacker can delete arbitrary files from a limited set of directories. The vulnerability is exploitable over the network and yields high impact to integrity and availability. Affected versi...
CVE-2025-1071
The CVE-2025-1071 issue affects WatchGuard Fireware OS (Firebox) with the spamBlocker module, where improper input neutralization during web page generation enables Stored XSS. The vulnerability requires an authenticated administrator session to a locally managed Firebox and affects Fireware OS v...
CVE-2024-5974
CVE-2024-5974 describes a buffer overflow in WatchGuard Fireware OS that could allow an authenticated remote attacker with privileged management access to execute arbitrary code with system privileges on affected devices. Affected versions are Fireware OS 11.9.6 through 12.10.3 . The vulnerabilit...
CVE-2013-6021
CVE-2013-6021 is a stack-based buffer overflow in WGagent used by WatchGuard WSM/Fireware before 11.8, caused by processing a crafted, oversized sessionid in cookies. This vulnerability enables remote code execution with network access, as attackers can exploit the cookie parsing to overflow the ...
CVE-2013-5702
CVE-2013-5702 corresponds to multiple non‑persistent Cross‑Site Scripting (XSS) vulnerabilities in Watchguard Server Center. The affected product/version scope includes Watchguard Server Center v11.7.4 Update #1 and older, where improper input validation of GET parameters could allow an authentic...
CVE-2017-14615
CVE-2017-14615 affects WatchGuard Fireware pre-12.0. An XML-RPC login endpoint issue allows JavaScript embedded in the user element to be rendered in the Web UI (Traffic Monitor: Events/All), causing a stored-XSS effect where subsequent events are hidden until a restart. Affected product: WatchGu...
CVE-2017-14616
WatchGuard Fireware before 12.0 is affected by CVE-2017-14616. The issue occurs in the XML-RPC login flow: sending an XML message with an empty member element causes the wgagent to crash, logging out any active UI session and, with repeated failed logins, making UI management unusable. Affected p...
CVE-2014-0338
WatchGuard Fireware XTM before 11.8.3 is affected by cross-site scripting in the firewall policy management page, exploitable via the pol_name parameter in firewall/policy. The root cause is improper input handling of the pol_name field, allowing remote attackers to inject arbitrary script/HTML t...
CVE-2025-9242
CVE-2025-9242: WatchGuard Fireware OS contains an out-of-bounds write in the iked process that may allow remote unauthenticated code execution on affected VPN configurations (Mobile User VPN with IKEv2 and Branch Office VPN with dynamic gateway peer). AffectedFireware OS versions include 11.10.2–...
CVE-2017-8055
WatchGuard Fireware contains a user enumeration flaw in the Firebox XML-RPC login handler. A login request with a blank password to the XML-RPC agent in Fireware v11.12.1 and earlier yields different responses for valid versus invalid usernames, enabling an attacker to enumerate valid usernames o...
CVE-2022-31789
WatchGuard Firebox and XTM appliances are affected by an integer overflow that can trigger a buffer overflow via requests to exposed management ports, allowing an unauthenticated remote attacker to potentially execute arbitrary code. The issue is documented across multiple sources (NVD/Red Hat/NC...
CVE-2017-8056
WatchGuard Fireware v11.12.1 and earlier are affected by an XML External Entity (XXE) issue in the XML-RPC agent. The vulnerability causes the Firebox wgagent process to crash, terminating all authenticated sessions (including management connections) and potentially degrading overall performance ...
CVE-2026-13054
CVE-2026-13054 describes a path traversal vulnerability in the WatchGuard Fireware OS Management Web UI that allows a privileged authenticated attacker to write arbitrary files on the Firebox filesystem. Affected: Fireware OS 11.0–11.12.4_Update1, 12.0–12.12, and 2025.1–2026.2. CVSS v4.0 vector i...
CVE-2026-3343
CVE-2026-3343 is a reflected XSS in Fireware OS Web UI affecting Fireware OS versions 12.7–12.11.7 and 2025.1–2026.1.1. The vulnerability allows execution of malicious JavaScript in the context of an authenticated management user’s browser when they click a specially crafted link. The CVSS 4.0 ba...
CVE-2026-13079
CVE-2026-13079 describes a local privilege escalation in the WatchGuard Mobile VPN with SSL client for Windows . The issue allows a local attacker to escalate to NT AUTHORITY\SYSTEM on the machine hosting the Windows client. Affected scope includes the Windows client versions up to and including ...
CVE-2026-13053
WatchGuard Fireware OS has an authenticated out-of-bounds write vulnerability in the CLI command handler (CVE-2026-13053). A privileged, authenticated attacker could trigger code execution via a crafted CLI input. Affected versions include Fireware OS 11.0–11.12.4_Update1, 12.0–12.12, and 2025.1–...
CVE-2026-13383
CVE-2026-13383 is an Out-of-bounds Write vulnerability in WatchGuard Fireware OS ikestubd. An authenticated privileged user could potentially execute arbitrary code via specially crafted requests to the Management Web UI. Affected: Fireware OS 12.1–12.12 and 2025.1–2026.2. Impact severity is high...
CVE-2026-3342
Technical details about CVE-2026-3342 are not provided in the supplied documents. Monitor for updates from WatchGuard advisory; no public details on affected firmware behavior, exploit methods, or fixes are disclosed here.
CVE-2025-13939
WatchGuard Fireware OS (Gateway Wireless Controller module) is affected by CVE-2025-13939: a Stored XSS vulnerability caused by improper neutralization of input during web page generation. Affected versions include Fireware OS 11.7.2 through 11.12.4+541730, 12.0 through 12.11.4, 12.5 through 12.5...
CVE-2026-13384
CVE-2026-13384 is an Out-of-bounds Write vulnerability in WatchGuard Fireware OS wgagent. An authenticated privileged user could remotely execute arbitrary code via specially crafted requests to the Management Web UI. Affected: Fireware OS 12.1–12.12 and 2025.1–2026.2. CVSS details indicate netwo...
CVE-2026-13728
WatchGuard Fireware OS on a FireCluster is affected by CVE-2026-13728. Affected versions include Fireware OS 12.1 through 12.12, and 2025.1 through 2026.2. In exception circumstances, an embedded encryption key is used to encrypt saved credentials for Access Portal resources, which constitutes th...
CVE-2025-13936
The CVE-2025-13936 entry documents a Stored XSS vulnerability in WatchGuard Fireware OS, specifically within the Tigerpaw Technology Integration module. Affected software/versions are Fireware OS 12.4 through 12.11.4, 12.5 through 12.5.13, and 2025.1 through 2025.1.2. The root cause is improper n...
CVE-2026-13376
CVE-2026-13376 affects WatchGuard Firebox via the Fireware OS spamBlocker module. Vulnerable component: spamBlocker in Fireware OS; vulnerable versions: Fireware OS 12.0–12.12, 12.5–12.5.18, and 2025.1–2026.2. Description: Improper Neutralization of Input During Web Page Generation leading to Sto...
CVE-2026-3344
Watching WatchGuard Fireware OS has a vulnerability (CVE-2026-3344) that allows bypassing the filesystem integrity check and maintaining limited persistence via a maliciously-crafted firmware update package. Affected versions are: Fireware OS 12.0–12.11.7, 12.5.9–12.5.16, and 2025.1–2026.1.1. The...
CVE-2025-12026
WatchGuard Fireware OS contains an Out-of-bounds Write vulnerability in the certificate request command that can allow an authenticated privileged user to execute arbitrary code via crafted CLI commands. Affected versions include Fireware OS 12.0–12.11.4, 12.5–12.5.13, and 2025.1–2025.1.2. Mitiga...
CVE-2025-13937
CVE-2025-13937 describes a Stored XSS in WatchGuard Fireware OS via the ConnectWise Technology Integration module. The vulnerability results from improper neutralization of input during web page generation, affecting Fireware OS versions 12.4–12.11.4, 12.5–12.5.13, and 2025.1–2025.1.2. The impact...
CVE-2025-12195
CVE-2025-12195 describes an out-of-bounds write vulnerability in the WatchGuard Fireware OS CLI. An authenticated privileged user can trigger arbitrary code execution by sending specially crafted IPSec configuration CLI commands. Affected versions span Fireware OS 11.0–11.12.4+541730, 12.0–12.11....
CVE-2025-1545
CVE-2025-1545 is a WatchGuard Fireware OS XPath Injection affecting Firebox with at least one authentication hotspot configured. The issue allows remote, unauthenticated retrieval of configuration data via an exposed authentication/management web interface. Affected versions: 11.11–11.12.4+541730...
CVE-2025-6946
WatchGuard Fireware OS contains a Stored XSS vulnerability in the IPS module that requires an authenticated administrator session on a locally managed Firebox. Affected software is Firebox firmware versions 12.0 through 12.11.2. Root cause is improper input handling during web page generation. Th...
CVE-2026-13375
WatchGuard Fireware OS Autotask Technology Integration module is affected by CVE-2026-13375, a Stored XSS vulnerability. Affected versions are Fireware OS 12.4–12.12, 12.5–12.5.18, and 2025.1–2026.2. Attack vector is NETWORK with low attack complexity and high privileges required; user interactio...
CVE-2025-1547
WatchGuard Fireware OS has a stack-based buffer overflow in the certificate request CLI command (CWE-121) that could allow an authenticated privileged user to execute arbitrary code. Affected releases: Fireware OS 12.0–12.5.12+701324 and 12.6–12.11.2. Root cause appears to be insufficient bounds ...
CVE-2026-13373
WatchGuard Fireware OS Tigerpaw Technology Integration module is affected by CVE-2026-13373, exposing a Stored Cross-Site Scripting (XSS) vulnerability. The issue arises from improper neutralization of input during web page generation, enabling stored XSS in affected Fireware versions: 12.4–12.12...
CVE-2026-13374
CVE-2026-13374 is a stored XSS vulnerability in WatchGuard Fireware OS (ConnectWise Technology Integration module). It affects Fireware OS versions 12.4–12.12, 12.5–12.5.18, and 2025.1–2026.2. The issue stems from improper neutralization of input during web page generation, allowing stored cross-...
CVE-2026-13377
WatchGuard Fireware OS SIP Proxy module is affected by a Stored XSS via improper input neutralization during web page generation. The vulnerability affects Fireware OS versions 12.0–12.12, 12.5–12.5.18, and 2025.1–2026.2. Root cause: improper sanitization in the SIP Proxy configuration web interf...
CVE-2025-11838
CVE-2025-11838 involves a memory corruption vulnerability in WatchGuard Fireware OS that can trigger a DoS in Mobile User VPN with IKEv2 and Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. Affected software ranges are Fireware OS 12.6.1–12.11.4 and 2025.1–2025.1.2. The ...
CVE-2025-13938
Vulnerability: CVE-2025-13938 is a Stored XSS in WatchGuard Fireware OS (Autotask Technology Integration module). Affected versions are Fireware OS 12.4–12.11.4, 12.5–12.5.13, and 2025.1–2025.1.2. Root cause: improper neutralization of input during web page generation for the Autotask Integration...