CVE-2026-4315
- EPSS 0.07%
- Published 30.03.2026 12:38:15
- Last modified 30.03.2026 13:26:07
A Cross-Site Request Forgery (CSRF) vulnerability in the WatchGuard Fireware OS WebUI could allow a remote attacker to trigger a denial-of-service (DoS) condition in the Fireware Web UI by convincing an authenticated administrator into visiting a mal...
CVE-2026-4266
- EPSS 0.06%
- Published 30.03.2026 12:38:01
- Last modified 30.03.2026 13:26:07
An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another vulnerability to execute arbitrary code in the context of the portald user. This issue affect...
CVE-2026-3344
- EPSS 0.04%
- Published 03.03.2026 13:17:56
- Last modified 04.03.2026 19:19:41
A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and maintain limited persistence via a maliciously-crafted firmware update package. This issue affects Fireware OS 12.0 up to and incl...
CVE-2026-3343
- EPSS 0.04%
- Published 03.03.2026 13:17:48
- Last modified 04.03.2026 19:34:56
A reflected cross-site scripting (XSS) vulnerability in the Fireware OS Web UI enabled execution of malicious JavaScript in the context of an authenticated management user's browser when they click on a specially crafted link. This vulnerability aff...
CVE-2026-3342
- EPSS 0.13%
- Published 03.03.2026 13:17:39
- Last modified 04.03.2026 19:42:25
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissions via an exposed management interface. This vulnerability affects Fireware OS 11.9 up to...
- EPSS 0.1%
- Published 30.01.2026 13:02:59
- Last modified 15.04.2026 00:35:42
An LDAP Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from a connected LDAP authentication server through an exposed authentication or management web interface. This vu...
CVE-2025-14733
- EPSS 34.5%
- Published 19.12.2025 00:01:55
- Last modified 23.12.2025 11:34:46
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured...
CVE-2025-1547
- EPSS 0.06%
- Published 04.12.2025 22:11:09
- Last modified 10.12.2025 16:06:09
A stack-based buffer overflow vulnerability [CWE-121] in WatchGuard Fireware OS's certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands. This issue affects Fireware OS: fr...
CVE-2025-6946
- EPSS 0.04%
- Published 04.12.2025 21:48:50
- Last modified 10.12.2025 16:07:29
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the IPS module. This vulnerability requires an authenticated administrator session to a locally ...
CVE-2025-1545
- EPSS 0.13%
- Published 04.12.2025 21:48:27
- Last modified 10.12.2025 16:05:35
An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration through an exposed authentication or management web interface. This vulnerability ...