Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WatchGuard — Vulnerabilities & Security Advisories 45

Browse all 45 CVE security advisories affecting WatchGuard. AI-powered Chinese analysis, POCs, and references for each vulnerability.

WatchGuard Technologies provides network security appliances and cloud-based services primarily designed for small to medium-sized enterprises. The company’s Firebox hardware and Firebox Cloud platforms serve as the core infrastructure for perimeter defense, offering firewall, intrusion prevention, and threat detection capabilities. Historically, the product line has been associated with forty-one recorded Common Vulnerabilities and Exposures (CVEs), predominantly involving remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from improper input validation or authentication bypasses within the web-based management interface. While no single catastrophic incident has defined the brand’s entire history, the recurring nature of these CVEs highlights persistent challenges in securing embedded web servers. Security researchers frequently analyze these flaws to understand attack vectors against managed security gateways, emphasizing the critical need for rigorous patch management and configuration hardening in deployed environments.

Top products by WatchGuard: Fireware OS Mobile VPN with SSL Client WatchGuard Agent Authentication Gateway AuthPoint Password Manager Single Sign-On Client EPDR Terminal Services Agent
CVE IDTitleCVSSSeverityPublished
CVE-2025-4805 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Acces Portal Configuration — Fireware OSCWE-79 4.8AIMediumAI2025-05-16
CVE-2025-4804 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Hotpot Configuration — Fireware OSCWE-79 4.8AIMediumAI2025-05-16
CVE-2025-2782 WatchGuard Terminal Services Agent Local Privilege Escalation via Non-Standard Installation Directory — Terminal Services AgentCWE-276 7.8 -2025-03-28
CVE-2025-2781 WatchGuard Mobile VPN with SSL Local Privilege Escalation via Non-Standard Installation Directory — Mobile VPN with SSL ClientCWE-276 7.8 -2025-03-28
CVE-2025-0178 WatchGaurd Firebox Host Header Injection Vulnerability — Fireware OSCWE-20 5.4 -2025-02-14
CVE-2025-1239 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Blocked Sites List — Fireware OSCWE-79 4.8 -2025-02-14
CVE-2025-1071 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in spamBlocker Module — Fireware OSCWE-79 4.8 -2025-02-14
CVE-2022-31749 Authenticated arbitrary file read/write in WatchGuard Fireware OS — Fireware OSCWE-88 6.5 Medium2025-01-27
CVE-2024-8424 WatchGuard Endpoint Protection Privilege Escalation in PSANHost Enables Arbitrary File Delete as SYSTEM — EPDRCWE-269 7.8 High2024-11-07
CVE-2024-6594 WatchGuard Firebox Single Sign-On Client Denial-of-Service — Single Sign-On ClientCWE-755 7.5 High2024-09-25
CVE-2024-6593 WatchGuard Firebox Single Sign-On Agent Management Interface Authentication Bypass — Authentication GatewayCWE-863 9.1 Critical2024-09-25
CVE-2024-6592 WatchGuard Firebox Single Sign-On Agent Protocol Authorization Bypass — Authentication GatewayCWE-306 9.1 Critical2024-09-25
CVE-2024-5974 Firebox Authenticated Buffer Overflow Vulnerability — Fireware OSCWE-120 7.2 High2024-07-09
CVE-2024-4944 Mobile VPN with SSL Local Privilege Escalation Vulnerability — Mobile VPN with SSL ClientCWE-77 7.8 High2024-07-09
CVE-2024-1417 Local Code Injection Vulnerability in AuthPoint Password Manager App for macOS Safari — AuthPoint Password ManagerCWE-77 7.8 High2024-05-16

This page lists every published CVE security advisory associated with WatchGuard. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.