Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

Fireware OS — Vulnerabilities & Security Advisories 48

All 48 CVE vulnerabilities found in Fireware OS, with AI-generated Chinese analysis, references, and POCs.

This page provides a comprehensive aggregation of identified software vulnerabilities within the Fireware OS product line, categorized under general security weakness classifications. It serves as a centralized resource for tracking security flaws affecting this specific network operating system used in Fortinet infrastructure devices. The collection includes a diverse range of vulnerability types, such as buffer overflows, input validation errors, authentication bypasses, and privilege escalation flaws. The data spans from the initial release of Fireware OS through the most recent updates, ensuring historical context is available for older versions while capturing critical findings in current deployments. This time range allows users to analyze trends and see how remediation efforts have evolved over the product’s lifecycle. Visitors can utilize this resource to track vendor security advisories, helping them stay informed about patch releases and mitigation strategies. The page also aids in understanding specific weakness classes by showing their impact and frequency within the Fireware environment. Additionally, users can look up a product’s vulnerability history to assess risk exposure for specific versions. By consolidating this information, the page supports security professionals in making informed decisions regarding upgrade paths, configuration hardening, and incident response planning for networks relying on Fireware OS.

Vendor: WatchGuard

CVE IDTitleCVSSSeverityPublished
CVE-2026-13053 WatchGuard Firebox Authenticated Out of Bounds Write in Management CLI Command Handler CWE-787--2026-07-02
CVE-2026-13050 WatchGuard Firebox networkd Out of Bounds Write Vulnerability CWE-787--2026-07-02
CVE-2026-13054 WatchGuard Firebox Arbitrary File Write via Path Traversal in Management Web UI CWE-22--2026-07-02
CVE-2026-13079 WatchGuard Mobile VPN with SSL Windows Client Local Privilege Escalation CWE-732--2026-07-02
CVE-2026-8247 WatchGuard Firebox admd Out of Bounds Write Vulnerability CWE-120--2026-07-02
CVE-2026-13728 WatchGuard Firebox Hardcoded Fallback Encryption Key in Access Portal Resource Credential Database CWE-798--2026-07-02
CVE-2026-13084 Null Pointer Dereference in WatchGuard Fireware OS iked Process CWE-476--2026-07-02
CVE-2026-13368 WatchGuard Firebox Race Condition and Use-After-Free in Mobile VPN with IKEv2 LDAP Authentication CWE-416--2026-07-02
CVE-2026-13722 WatchGuard Firebox Firmware Image Validation Bypass in WatchGuard Fireware OS CWE-347--2026-07-02
CVE-2026-13384 WatchGuard Firebox wgagent Out of Bounds Write Vulnerability CWE-787--2026-07-02
CVE-2026-13383 WatchGuard Firebox ikestubd Out of Bounds Write Vulnerability CWE-787--2026-07-02
CVE-2026-13377 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in SIP Proxy Configuration CWE-79--2026-07-02
CVE-2026-13376 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in spamBlocker Module CWE-79--2026-07-02
CVE-2026-13375 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Autotask Technology Integration Configuration CWE-79--2026-07-02
CVE-2026-13374 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in ConnectWise Technology Integration Configuration CWE-79--2026-07-02
CVE-2026-13373 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Tigerpaw Technology Integration Configuration CWE-79--2026-07-02
CVE-2026-13371 WatchGuard Firebox Management Web UI Denial of Service via Unsafe Deserialization CWE-502--2026-07-02
CVE-2026-3987 WatchGuard Firebox Arbitrary File Write vis Path Traversal in Fireware Web UI CWE-22 7.2AIHighAI2026-04-01
CVE-2026-4315 WatchGuard Firebox Cross-Site Request Forgery (CSRF) in Fireware Web UI CWE-352 6.5 -2026-03-30
CVE-2026-4266 WatchGuard Firebox Insecure Deserialization in Fireware Access Portal CWE-502 7.8 -2026-03-30
CVE-2026-3344 WatchGuard Firebox System Integrity Check Bypass CWE-440 6.8AIMediumAI2026-03-03
CVE-2026-3343 WatchGuard Firebox Reflected Cross-Site-Scripting (XSS) Vulnerability in Fireware Web UI CWE-79 6.1AIMediumAI2026-03-03
CVE-2026-3342 WatchGuard Firebox Out of Bounds Write Vulnerability CWE-787 7.2AIHighAI2026-03-03
CVE-2026-1498 WatchGuard Firebox LDAP Injection CWE-90 7.5AIHighAI2026-01-30
CVE-2025-14733 WatchGuard Firebox iked Out of Bounds Write Vulnerability CWE-787 9.8 -2025-12-19
CVE-2025-1547 WatchGuard Firebox Authenticated Stack Overflow in Certificate Request Command CWE-121 6.7AIMediumAI2025-12-04
CVE-2025-6946 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in IPS Configuration CWE-79 4.8AIMediumAI2025-12-04
CVE-2025-1545 WatchGuard Firebox XPath Injection Vulnerability in Web CGI CWE-91 7.5AIHighAI2025-12-04
CVE-2025-11838 WatchGuard Firebox iked Memory Corruption Vulnerability CWE-763 7.5AIHighAI2025-12-04
CVE-2025-13940 WatchGuard Firebox Boot Time System Integrity Check Bypass CWE-440 9.1AICriticalAI2025-12-04

All 48 known CVE vulnerabilities affecting Fireware OS with full Chinese analysis, references, and POCs where available.