WatchGuard Fireware
41 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-3344
>= 12.0 and < 12.11.8
A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and maintain
4.9
MEDIUM
CVE-2026-3343
>= 12.7 and < 12.11.8
A reflected cross-site scripting (XSS) vulnerability in the Fireware OS Web UI enabled execution of malicious JavaScript in the co
6.1
MEDIUM
CVE-2026-3342
>= 12.5 and < 12.5.17
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbi
7.2
HIGH
CVE-2025-14733
>= 11.10.2 and < 12.5.15
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary co
9.8
CRITICAL
CVE-2025-6946
>= 12.0.0 and < 12.11.3
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware O
4.8
MEDIUM
CVE-2025-1547
>= 12.0.0 and < 12.11.3
A stack-based buffer overflow vulnerability [CWE-121] in WatchGuard Fireware OS's certificate request command could allow an authe
7.2
HIGH
CVE-2025-1545
>= 2025.1 and < 2025.1.3
An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive infor
7.5
HIGH
CVE-2025-13940
>= 2025.1 and < 2025.1.3
An Expected Behavior Violation [CWE-440] vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS b
5.5
MEDIUM
CVE-2025-13939
>= 2025.1 and < 2025.1.3
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware O
6.1
MEDIUM
CVE-2025-13938
>= 2025.1 and < 2025.1.3
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware O
6.1
MEDIUM
CVE-2025-13937
>= 2025.1 and < 2025.1.3
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware O
6.1
MEDIUM
CVE-2025-13936
>= 2025.1 and < 2025.1.3
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware O
6.1
MEDIUM
CVE-2025-12196
>= 2025.1 and < 2025.1.3
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbit
7.2
HIGH
CVE-2025-12195
>= 2025.1 and < 2025.1.3
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbit
7.2
HIGH
CVE-2025-12026
>= 2025.1 and < 2025.1.3
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticated privil
7.2
HIGH
CVE-2025-11838
>= 2025.1 and < 2025.1.3
A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service (
7.5
HIGH
CVE-2025-9242
>= 11.10.2 and < 12.11.4
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary co
9.8
CRITICAL
CVE-2025-1071
>= 12.0.0 and < 12.11.1
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware O
4.8
MEDIUM
CVE-2025-0178
>= 12.5 and < 12.5.13
Improper Input Validation vulnerability in WatchGuard Fireware OS allows an attacker to manipulate the value of the HTTP Host head
6.1
MEDIUM
CVE-2024-5974
>= 11.9.4 and < 12.5.12
A buffer overflow in WatchGuard Fireware OS may allow an authenticated remote attacker with privileged management access to
7.2
HIGH
CVE-2022-31792
>= 12.0.0 and < 12.1.4
A stored cross-site scripting (XSS) vulnerability exists in the management web interface of WatchGuard Firebox and XTM appliances.
5.4
MEDIUM
CVE-2022-31791
>= 12.0.0 and < 12.1.4
WatchGuard Firebox and XTM appliances allow a local attacker (that has already obtained shell access) to elevate their privileges
7.8
HIGH
CVE-2022-31789
>= 12.0.0 and < 12.1.4
An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflo
9.8
CRITICAL
CVE-2022-31790
>= 12.0.0 and < 12.1.4
WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server setting
7.5
HIGH
CVE-2022-25361
>= 12.0.0 and < 12.1.3
WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of dir
9.1
CRITICAL
CVE-2022-26318
>= 12.0.0 and < 12.1.3
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability im
9.8
CRITICAL
CVE-2022-25363
>= 12.0.0 and < 12.1.3
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to modify privileged ma
6.5
MEDIUM
CVE-2022-25360
>= 12.0.0 and < 12.1.3
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to upload files to arbi
8.8
HIGH
CVE-2022-25293
>= 12.0.0 and < 12.1.3
A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentia
8.8
HIGH
CVE-2022-25292
>= 12.0.0 and < 12.1.3
A wgagent stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentia
8.8
HIGH
CVE-2022-25291
>= 12.0.0 and < 12.1.3
An integer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to trigger a heap-based buffe
8.8
HIGH
CVE-2022-25290
>= 12.0.0 and < 12.1.3
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to retrieve certificate
6.5
MEDIUM
CVE-2022-23176
>= 12.0.0 and < 12.1.3
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged
8.8
HIGH
CVE-2016-6154
<= 11.11
The authentication applet in WatchGuard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).
6.1
MEDIUM
CVE-2017-14616
<= 11.12.4
An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0. If a login attempt is made in the XML-RPC interface with an X
7.5
HIGH
CVE-2017-14615
<= 11.12.4
An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. When a failed login attempt is made to the login endpoint of
6.1
MEDIUM
CVE-2017-8056
<= 11.2.1
WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This
5.3
MEDIUM
CVE-2017-8055
<= 11.2.1
WatchGuard Fireware allows user enumeration, e.g., in the Firebox XML-RPC login handler. A login request that contains a blank pas
5.3
MEDIUM
CVE-2014-0338
<= 11.8.1
Multiple cross-site scripting (XSS) vulnerabilities in the firewall policy management pages in WatchGuard Fireware XTM before 11.8
CVE-2013-6021
<= 11.7.4
Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long
CVE-2013-5702
<= 11.7.4
Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in WatchGuard WSM and Fireware before 11.8 allow remote attackers
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin