Watchguard

Fireware

51 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-11838

  • EPSS 0.15%
  • Veröffentlicht 04.12.2025 21:48:10
  • Zuletzt bearbeitet 16.12.2025 00:16:01

A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service (DoS) condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic ga...

5.5

CVE-2025-13940

  • EPSS 0.02%
  • Veröffentlicht 04.12.2025 21:47:44
  • Zuletzt bearbeitet 10.12.2025 16:04:47

An Expected Behavior Violation [CWE-440] vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS boot time system integrity check and prevent the Firebox from shutting down in the event of a system integrity check fail...

6.1

CVE-2025-13939

  • EPSS 0.04%
  • Veröffentlicht 04.12.2025 21:47:37
  • Zuletzt bearbeitet 10.12.2025 16:03:53

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Gateway Wireless Controller module) allows Stored XSS.This issue affects Fireware OS 11.7.2 up to and including 11.12...

6.1

CVE-2025-13938

  • EPSS 0.04%
  • Veröffentlicht 04.12.2025 21:47:29
  • Zuletzt bearbeitet 10.12.2025 16:03:08

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Autotask Technology Integration module) allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12....

6.1

CVE-2025-13937

  • EPSS 0.04%
  • Veröffentlicht 04.12.2025 21:47:19
  • Zuletzt bearbeitet 10.12.2025 16:02:33

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (ConnectWise Technology Integration module) allows Stored XSS.This issue affects Fireware OS 12.4 up to and including ...

6.1

CVE-2025-13936

  • EPSS 0.04%
  • Veröffentlicht 04.12.2025 21:45:51
  • Zuletzt bearbeitet 10.12.2025 15:59:35

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Tigerpaw Technology Integration module) allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12....

7.2

CVE-2025-12196

  • EPSS 0.19%
  • Veröffentlicht 04.12.2025 21:45:29
  • Zuletzt bearbeitet 10.12.2025 15:58:50

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 1...

7.2

CVE-2025-12195

  • EPSS 0.19%
  • Veröffentlicht 04.12.2025 21:43:57
  • Zuletzt bearbeitet 10.12.2025 15:56:03

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via specially crafted IPSec configuration CLI commands.This vulnerability affects Fireware OS 11.0 up to and i...

7.2

CVE-2025-12026

  • EPSS 0.15%
  • Veröffentlicht 04.12.2025 21:43:46
  • Zuletzt bearbeitet 10.12.2025 15:41:34

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This vulnerability affects Fireware OS 12.0 up to a...

8.9

CVE-2025-4106

  • EPSS 0.06%
  • Veröffentlicht 24.10.2025 21:32:30
  • Zuletzt bearbeitet 15.04.2026 00:35:42

An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic comma...