Watchguard Firebox_m290

21 CVEs affecting Watchguard Firebox_m290. Latest disclosed: 2026-03-03. Critical: 3, High: 8.

Top CVEs affecting Watchguard Firebox_m290
CVESeverityScorePublishedSummary
CVE-2025-14733Critical9.82025-12-19An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affect…
CVE-2025-9242Critical9.82025-09-17An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affect…
CVE-2022-25361Critical9.12022-06-07WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This…
CVE-2025-1545High7.52025-12-04An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox confi…
CVE-2025-11838High7.52025-12-04A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service (DoS) condition in the Mobile…
CVE-2026-3342High7.22026-03-03An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissi…
CVE-2025-1547High7.22025-12-04A stack-based buffer overflow vulnerability [CWE-121] in WatchGuard Fireware OS's certificate request command could allow an authenticated privileged user to e…
CVE-2025-12196High7.22025-12-04An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially cra…
CVE-2025-12195High7.22025-12-04An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via specially craft…
CVE-2025-12026High7.22025-12-04An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticated privileged user to execute arbitrary…
CVE-2024-5974High7.22024-07-09A buffer overflow in WatchGuard Fireware OS could may allow an authenticated remote attacker with privileged management access to execute arbitrary code with s…
CVE-2026-3343Medium6.12026-03-03A reflected cross-site scripting (XSS) vulnerability in the Fireware OS Web UI enabled execution of malicious JavaScript in the context of an authenticated man…
CVE-2025-13939Medium6.12025-12-04Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Gateway Wireless Controlle…
CVE-2025-13938Medium6.12025-12-04Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Autotask Technology Integr…
CVE-2025-13937Medium6.12025-12-04Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (ConnectWise Technology Int…
CVE-2025-13936Medium6.12025-12-04Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Tigerpaw Technology Integr…
CVE-2025-0178Medium6.12025-02-14Improper Input Validation vulnerability in WatchGuard Fireware OS allows an attacker to manipulate the value of the HTTP Host header in requests sent to the We…
CVE-2025-13940Medium5.52025-12-04An Expected Behavior Violation [CWE-440] vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS boot time system integrity che…
CVE-2026-3344Medium4.92026-03-03A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and maintain limited persistence via a mal…
CVE-2025-6946Medium4.82025-12-04Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the I…