Watchguard

Fireware

46 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7

CVE-2026-1498

Medienbericht
  • EPSS 0.17%
  • Veröffentlicht 30.01.2026 13:02:59
  • Zuletzt bearbeitet 04.02.2026 16:34:21

An LDAP Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from a connected LDAP authentication server through an exposed authentication or management web interface. This vu...

9.8

CVE-2025-14733

Warnung Medienbericht
  • EPSS 43.22%
  • Veröffentlicht 19.12.2025 00:01:55
  • Zuletzt bearbeitet 23.12.2025 11:34:46

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured...

7.2

CVE-2025-1547

  • EPSS 0.04%
  • Veröffentlicht 04.12.2025 22:11:09
  • Zuletzt bearbeitet 10.12.2025 16:06:09

A stack-based buffer overflow vulnerability [CWE-121] in WatchGuard Fireware OS's certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This issue affects Fireware OS: fr...

4.8

CVE-2025-6946

  • EPSS 0.03%
  • Veröffentlicht 04.12.2025 21:48:50
  • Zuletzt bearbeitet 10.12.2025 16:07:29

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the IPS module. This vulnerability requires an authenticated administrator session to a locally ...

7.5

CVE-2025-1545

  • EPSS 0.09%
  • Veröffentlicht 04.12.2025 21:48:27
  • Zuletzt bearbeitet 10.12.2025 16:05:35

An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration through an exposed authentication or management web interface. This vulnerability ...

7.5

CVE-2025-11838

  • EPSS 0.06%
  • Veröffentlicht 04.12.2025 21:48:10
  • Zuletzt bearbeitet 16.12.2025 00:16:01

A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service (DoS) condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic ga...

5.5

CVE-2025-13940

  • EPSS 0.02%
  • Veröffentlicht 04.12.2025 21:47:44
  • Zuletzt bearbeitet 10.12.2025 16:04:47

An Expected Behavior Violation [CWE-440] vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS boot time system integrity check and prevent the Firebox from shutting down in the event of a system integrity check fail...

6.1

CVE-2025-13939

  • EPSS 0.03%
  • Veröffentlicht 04.12.2025 21:47:37
  • Zuletzt bearbeitet 10.12.2025 16:03:53

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Gateway Wireless Controller module) allows Stored XSS.This issue affects Fireware OS 11.7.2 up to and including 11.12...

6.1

CVE-2025-13938

  • EPSS 0.03%
  • Veröffentlicht 04.12.2025 21:47:29
  • Zuletzt bearbeitet 10.12.2025 16:03:08

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Autotask Technology Integration module) allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12....

6.1

CVE-2025-13937

  • EPSS 0.03%
  • Veröffentlicht 04.12.2025 21:47:19
  • Zuletzt bearbeitet 10.12.2025 16:02:33

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (ConnectWise Technology Integration module) allows Stored XSS.This issue affects Fireware OS 12.4 up to and including ...