6.1
CVE-2026-3343
- EPSS 0.04%
- Veröffentlicht 03.03.2026 13:17:48
- Zuletzt bearbeitet 04.03.2026 19:34:56
- Quelle 5d1c2695-1a31-4499-88ae-e84703
- CVE-Watchlists
- Unerledigt
A reflected cross-site scripting (XSS) vulnerability in the Fireware OS Web UI enabled execution of malicious JavaScript in the context of an authenticated management user's browser when they click on a specially crafted link. This vulnerability affects Fireware OS 12.7 up to and including 12.11.7 and 2025.1 up to and including 2026.1.1.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch National Vulnerability Database (NVD)
Watchguard ≫ Fireware Version >= 12.7 < 12.11.8
Watchguard ≫ Firebox M270 Version-
Watchguard ≫ Firebox M290 Version-
Watchguard ≫ Firebox M370 Version-
Watchguard ≫ Firebox M390 Version-
Watchguard ≫ Firebox M440 Version-
Watchguard ≫ Firebox M4600 Version-
Watchguard ≫ Firebox M470 Version-
Watchguard ≫ Firebox M4800 Version-
Watchguard ≫ Firebox M5600 Version-
Watchguard ≫ Firebox M570 Version-
Watchguard ≫ Firebox M5800 Version-
Watchguard ≫ Firebox M590 Version-
Watchguard ≫ Firebox M670 Version-
Watchguard ≫ Firebox M690 Version-
Watchguard ≫ Firebox Nv5 Version-
Watchguard ≫ Firebox T20 Version-
Watchguard ≫ Firebox T25 Version-
Watchguard ≫ Firebox T40 Version-
Watchguard ≫ Firebox T45 Version-
Watchguard ≫ Firebox T55 Version-
Watchguard ≫ Firebox T70 Version-
Watchguard ≫ Firebox T80 Version-
Watchguard ≫ Firebox T85 Version-
Watchguard ≫ Fireboxcloud Version-
Watchguard ≫ Fireboxv Version-
Watchguard ≫ Firebox M290 Version-
Watchguard ≫ Firebox M370 Version-
Watchguard ≫ Firebox M390 Version-
Watchguard ≫ Firebox M440 Version-
Watchguard ≫ Firebox M4600 Version-
Watchguard ≫ Firebox M470 Version-
Watchguard ≫ Firebox M4800 Version-
Watchguard ≫ Firebox M5600 Version-
Watchguard ≫ Firebox M570 Version-
Watchguard ≫ Firebox M5800 Version-
Watchguard ≫ Firebox M590 Version-
Watchguard ≫ Firebox M670 Version-
Watchguard ≫ Firebox M690 Version-
Watchguard ≫ Firebox Nv5 Version-
Watchguard ≫ Firebox T20 Version-
Watchguard ≫ Firebox T25 Version-
Watchguard ≫ Firebox T40 Version-
Watchguard ≫ Firebox T45 Version-
Watchguard ≫ Firebox T55 Version-
Watchguard ≫ Firebox T70 Version-
Watchguard ≫ Firebox T80 Version-
Watchguard ≫ Firebox T85 Version-
Watchguard ≫ Fireboxcloud Version-
Watchguard ≫ Fireboxv Version-
Watchguard ≫ Fireware Version >= 2025.1 < 2026.1.2
Watchguard ≫ Firebox M295 Version-
Watchguard ≫ Firebox M395 Version-
Watchguard ≫ Firebox M495 Version-
Watchguard ≫ Firebox M595 Version-
Watchguard ≫ Firebox M695 Version-
Watchguard ≫ Firebox T115-w Version-
Watchguard ≫ Firebox T125 Version-
Watchguard ≫ Firebox T125-w Version-
Watchguard ≫ Firebox T145 Version-
Watchguard ≫ Firebox T145-w Version-
Watchguard ≫ Firebox T185 Version-
Watchguard ≫ Firebox M395 Version-
Watchguard ≫ Firebox M495 Version-
Watchguard ≫ Firebox M595 Version-
Watchguard ≫ Firebox M695 Version-
Watchguard ≫ Firebox T115-w Version-
Watchguard ≫ Firebox T125 Version-
Watchguard ≫ Firebox T125-w Version-
Watchguard ≫ Firebox T145 Version-
Watchguard ≫ Firebox T145-w Version-
Watchguard ≫ Firebox T185 Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.117 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.1 | 2.8 | 2.7 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
| 5d1c2695-1a31-4499-88ae-e847036fd7e3 | 5.1 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.