CVE-2025-12026

High CVSS: 8.6

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

Vendor

Watchguard

Product

Fireware

CWE

CWE-787

Yayın Tarihi

2025-12-04 22:15:46

Güncelleme

2025-12-10 15:41:34

Source Identifier

5d1c2695-1a31-4499-88ae-e847036fd7e3

KEV Date Added

Kategoriler

CWE-787 Fireware HIGH Watchguard 2025

Referanslar

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00017

Benzer Kayıtlar

Medium

CVE-2026-3343

A reflected cross-site scripting (XSS) vulnerability in the Fireware OS Web UI enabled execution of malicious JavaScript…

Medium

CVE-2026-3344

A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and…

High

CVE-2026-3342

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to ex…

Critical

CVE-2025-14733

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute ar…

Medium

CVE-2025-6946

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard…

Medium

CVE-2025-13939

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard…