Watchguard Firebox_m4600

19 CVEs affecting Watchguard Firebox_m4600. Latest disclosed: 2026-03-03. Critical: 2, High: 7.

Top CVEs affecting Watchguard Firebox_m4600
CVESeverityScorePublishedSummary
CVE-2025-14733Critical9.82025-12-19An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affect…
CVE-2025-9242Critical9.82025-09-17An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affect…
CVE-2025-1545High7.52025-12-04An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox confi…
CVE-2025-11838High7.52025-12-04A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service (DoS) condition in the Mobile…
CVE-2026-3342High7.22026-03-03An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissi…
CVE-2025-1547High7.22025-12-04A stack-based buffer overflow vulnerability [CWE-121] in WatchGuard Fireware OS's certificate request command could allow an authenticated privileged user to e…
CVE-2025-12196High7.22025-12-04An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially cra…
CVE-2025-12195High7.22025-12-04An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via specially craft…
CVE-2025-12026High7.22025-12-04An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticated privileged user to execute arbitrary…
CVE-2026-3343Medium6.12026-03-03A reflected cross-site scripting (XSS) vulnerability in the Fireware OS Web UI enabled execution of malicious JavaScript in the context of an authenticated man…
CVE-2025-13939Medium6.12025-12-04Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Gateway Wireless Controlle…
CVE-2025-13938Medium6.12025-12-04Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Autotask Technology Integr…
CVE-2025-13937Medium6.12025-12-04Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (ConnectWise Technology Int…
CVE-2025-13936Medium6.12025-12-04Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Tigerpaw Technology Integr…
CVE-2025-0178Medium6.12025-02-14Improper Input Validation vulnerability in WatchGuard Fireware OS allows an attacker to manipulate the value of the HTTP Host header in requests sent to the We…
CVE-2025-13940Medium5.52025-12-04An Expected Behavior Violation [CWE-440] vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS boot time system integrity che…
CVE-2026-3344Medium4.92026-03-03A vulnerability in WatchGuard Fireware OS may allow an attacker to bypass the Fireware OS filesystem integrity check and maintain limited persistence via a mal…
CVE-2025-6946Medium4.82025-12-04Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the I…
CVE-2025-1071Medium4.82025-02-14Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the s…