6.1
CVE-2025-0178
- EPSS 0.22%
- Veröffentlicht 14.02.2025 14:15:32
- Zuletzt bearbeitet 02.03.2026 19:07:18
- Quelle 5d1c2695-1a31-4499-88ae-e84703
- CVE-Watchlists
- Unerledigt
WatchGaurd Firebox Host Header Injection Vulnerability
Improper Input Validation vulnerability in WatchGuard Fireware OS allows an attacker to manipulate the value of the HTTP Host header in requests sent to the Web UI. An attacker could exploit this vulnerability to redirect users to malicious websites, poison the web cache, or inject malicious JavaScript into responses sent by the Web UI. This issue affects Fireware OS: from 12.0 up to and including 12.11.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Watchguard ≫ Fireware Version >= 12.5 < 12.5.13
Watchguard ≫ Fireware Version >= 12.0.0 < 12.11.1
Watchguard ≫ Firebox M270
Watchguard ≫ Firebox M290
Watchguard ≫ Firebox M370
Watchguard ≫ Firebox M390
Watchguard ≫ Firebox M440
Watchguard ≫ Firebox M4600
Watchguard ≫ Firebox M470
Watchguard ≫ Firebox M4800
Watchguard ≫ Firebox M5600
Watchguard ≫ Firebox M570
Watchguard ≫ Firebox M5800
Watchguard ≫ Firebox M590
Watchguard ≫ Firebox M670
Watchguard ≫ Firebox M690
Watchguard ≫ Firebox Nv5
Watchguard ≫ Firebox T20
Watchguard ≫ Firebox T25
Watchguard ≫ Firebox T40
Watchguard ≫ Firebox T45
Watchguard ≫ Firebox T55
Watchguard ≫ Firebox T70
Watchguard ≫ Firebox T80
Watchguard ≫ Firebox T85
Watchguard ≫ Fireboxcloud
Watchguard ≫ Fireboxv
Watchguard ≫ Firebox M290
Watchguard ≫ Firebox M370
Watchguard ≫ Firebox M390
Watchguard ≫ Firebox M440
Watchguard ≫ Firebox M4600
Watchguard ≫ Firebox M470
Watchguard ≫ Firebox M4800
Watchguard ≫ Firebox M5600
Watchguard ≫ Firebox M570
Watchguard ≫ Firebox M5800
Watchguard ≫ Firebox M590
Watchguard ≫ Firebox M670
Watchguard ≫ Firebox M690
Watchguard ≫ Firebox Nv5
Watchguard ≫ Firebox T20
Watchguard ≫ Firebox T25
Watchguard ≫ Firebox T40
Watchguard ≫ Firebox T45
Watchguard ≫ Firebox T55
Watchguard ≫ Firebox T70
Watchguard ≫ Firebox T80
Watchguard ≫ Firebox T85
Watchguard ≫ Fireboxcloud
Watchguard ≫ Fireboxv
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.117 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.1 | 2.8 | 2.7 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
| 5d1c2695-1a31-4499-88ae-e847036fd7e3 | 5.1 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00003