← Back to home
wid-sec-w-2026-0952  ·  Published 2026-04-01  ·  View on BSI CERT-Bund ↗

WatchGuard Firebox: Vulnerability allows Code execution

CVSS 8.6 HIGH

Risk Summary

A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and including 2026.1.2.

CVEs (1)

Affected Vendors

WatchGuard

Affected Products (4)

WatchGuard · Firebox <2026.2
WatchGuard · Firebox 2026.2
WatchGuard · Firebox <12.12
WatchGuard · Firebox 12.12

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more