Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WatchGuard — Vulnerabilities & Security Advisories 45

Browse all 45 CVE security advisories affecting WatchGuard. AI-powered Chinese analysis, POCs, and references for each vulnerability.

WatchGuard Technologies provides network security appliances and cloud-based services primarily designed for small to medium-sized enterprises. The company’s Firebox hardware and Firebox Cloud platforms serve as the core infrastructure for perimeter defense, offering firewall, intrusion prevention, and threat detection capabilities. Historically, the product line has been associated with forty-one recorded Common Vulnerabilities and Exposures (CVEs), predominantly involving remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from improper input validation or authentication bypasses within the web-based management interface. While no single catastrophic incident has defined the brand’s entire history, the recurring nature of these CVEs highlights persistent challenges in securing embedded web servers. Security researchers frequently analyze these flaws to understand attack vectors against managed security gateways, emphasizing the critical need for rigorous patch management and configuration hardening in deployed environments.

Top products by WatchGuard: Fireware OS Mobile VPN with SSL Client WatchGuard Agent Authentication Gateway AuthPoint Password Manager Single Sign-On Client EPDR Terminal Services Agent
CVE IDTitleCVSSSeverityPublished
CVE-2026-6788 Uncontrolled search path in PluginLauncher allows SYSTEM code execution in WatchGuard Agent — WatchGuard AgentCWE-427 7.3AIHighAI2026-05-06
CVE-2026-6787 Usage of a hard-coded cryptographic key in WatchGuard Agent allows inclusion of code into existing process — WatchGuard AgentCWE-321 8.4AIHighAI2026-05-06
CVE-2026-41288 WatchGuard Agent on Windows Privilege Escalation Vulnerability — WatchGuard AgentCWE-732 7.8AIHighAI2026-05-06
CVE-2026-41287 Stack-based Buffer Overflow in WatchGuard Agent Discovery Service on Windows Causes Denial of Service - Variant A — WatchGuard AgentCWE-121 6.5AIMediumAI2026-05-06
CVE-2026-3987 WatchGuard Firebox Arbitrary File Write vis Path Traversal in Fireware Web UI — Fireware OSCWE-22 7.2AIHighAI2026-04-01
CVE-2026-4315 WatchGuard Firebox Cross-Site Request Forgery (CSRF) in Fireware Web UI — Fireware OSCWE-352 6.5 -2026-03-30
CVE-2026-4266 WatchGuard Firebox Insecure Deserialization in Fireware Access Portal — Fireware OSCWE-502 7.8 -2026-03-30
CVE-2026-3344 WatchGuard Firebox System Integrity Check Bypass — Fireware OSCWE-440 6.8AIMediumAI2026-03-03
CVE-2026-3343 WatchGuard Firebox Reflected Cross-Site-Scripting (XSS) Vulnerability in Fireware Web UI — Fireware OSCWE-79 6.1AIMediumAI2026-03-03
CVE-2026-3342 WatchGuard Firebox Out of Bounds Write Vulnerability — Fireware OSCWE-787 7.2AIHighAI2026-03-03
CVE-2026-1498 WatchGuard Firebox LDAP Injection — Fireware OSCWE-90 7.5AIHighAI2026-01-30
CVE-2025-14733 WatchGuard Firebox iked Out of Bounds Write Vulnerability — Fireware OSCWE-787 9.8 -2025-12-19
CVE-2025-1547 WatchGuard Firebox Authenticated Stack Overflow in Certificate Request Command — Fireware OSCWE-121 6.7AIMediumAI2025-12-04
CVE-2025-1910 WatchGuard Mobile VPN with SSL Local Privilege Escalation via Update Package — Mobile VPN with SSL ClientCWE-77 7.8AIHighAI2025-12-04
CVE-2025-6946 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in IPS Configuration — Fireware OSCWE-79 4.8AIMediumAI2025-12-04
CVE-2025-1545 WatchGuard Firebox XPath Injection Vulnerability in Web CGI — Fireware OSCWE-91 7.5AIHighAI2025-12-04
CVE-2025-11838 WatchGuard Firebox iked Memory Corruption Vulnerability — Fireware OSCWE-763 7.5AIHighAI2025-12-04
CVE-2025-13940 WatchGuard Firebox Boot Time System Integrity Check Bypass — Fireware OSCWE-440 9.1AICriticalAI2025-12-04
CVE-2025-13939 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Gateway Wireless Controller — Fireware OSCWE-79 5.4AIMediumAI2025-12-04
CVE-2025-13938 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Autotask Technology Integration Configuration — Fireware OSCWE-79 5.4AIMediumAI2025-12-04
CVE-2025-13937 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in ConnectWise Technology Integration Configuration — Fireware OSCWE-79 5.4AIMediumAI2025-12-04
CVE-2025-13936 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Tigerpaw Technology Integration Configuration — Fireware OSCWE-79 4.8AIMediumAI2025-12-04
CVE-2025-12196 WatchGuard Firebox Authenticated Out of Bounds Write in Management CLI Ping Command — Fireware OSCWE-787 6.7AIMediumAI2025-12-04
CVE-2025-12195 WatchGuard Firebox Authenticated Out of Bounds Write in Management CLI IPSec Configuration — Fireware OSCWE-787 6.7AIMediumAI2025-12-04
CVE-2025-12026 WatchGuard Firebox Authenticated Out of Bounds Write in certd — Fireware OSCWE-787 6.7AIMediumAI2025-12-04
CVE-2025-1549 WatchGuard Mobile VPN with SSL Local Privilege Escallation — Mobile VPN with SSL ClientCWE-77 7.8AIHighAI2025-10-29
CVE-2025-4106 WatchGuard Firebox leftover debug code vulnerability — Fireware OSCWE-489 7.2 -2025-10-24
CVE-2025-9242 WatchGuard Firebox iked Out of Bounds Write Vulnerability — Fireware OSCWE-787 9.8AICriticalAI2025-09-17
CVE-2025-6947 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in SIP Proxy Configuration — Fireware OSCWE-79 4.8AIMediumAI2025-09-15
CVE-2025-6999 WatchGuard Firebox Authentication Portal Request Smuggling Vulnerability — Fireware OSCWE-444 6.1AIMediumAI2025-09-15

This page lists every published CVE security advisory associated with WatchGuard. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.