Overview CVE-2025-65899 describes a user enumeration vulnerability affecting Kalmia CMS version 0.2.0. This vulnerability resides within the application’s authentication mechanism. By observing differing error messages returned by the system during login attempts, an unauthenticated attacker can determine valid usernames present on the system. This can be a crucial first step in a more complex attack. Technical Details The vulnerability stems from the way Kalmia CMS 0.2.0 handles authentication failures. When an attacker attempts to log in with an invalid username, the system returns an error message indicating “user_not_found”. However, if the username is valid but the password is incorrect, the…

Overview CVE-2025-53704 describes a high-severity vulnerability affecting the password reset mechanism of the Pivot client application. This weakness can potentially allow an attacker to take control of user accounts by exploiting flaws in the password recovery process. Immediate action is recommended to mitigate this risk. Technical Details The password reset mechanism in the Pivot client is insufficiently secure. The exact nature of the vulnerability is not detailed here but can be found in the referenced advisories. Common weaknesses in such mechanisms include: Predictable reset tokens Lack of rate limiting on reset requests Insecure transmission of reset links Ability to manipulate…

Overview A critical privilege escalation vulnerability, identified as CVE-2025-1910, has been discovered in the WatchGuard Mobile VPN with SSL Client for Windows. This vulnerability allows a locally authenticated, non-administrative Windows user to elevate their privileges to NT AUTHORITY/SYSTEM. This effectively grants the attacker complete control over the affected Windows machine. This vulnerability affects versions 12.0 up to and including 12.11.2 of the WatchGuard Mobile VPN with SSL Client. Technical Details The specific technical details of the vulnerability are not publicly disclosed in full at this time to prevent further exploitation. However, it involves a flaw in how the WatchGuard Mobile…

Overview A critical security vulnerability, identified as CVE-2025-1547, has been discovered in WatchGuard Fireware OS. This vulnerability is a stack-based buffer overflow (CWE-121) that could allow an authenticated and privileged user to execute arbitrary code on the affected device. The vulnerability resides within the certificate request command processing of Fireware OS’s CLI interface. This article provides a detailed analysis of the vulnerability, its potential impact, and the necessary steps to mitigate the risk. Technical Details CVE-2025-1547 is a stack-based buffer overflow vulnerability [CWE-121] present in how WatchGuard Fireware OS processes certificate request commands received through the command-line interface (CLI). A…

Overview CVE-2025-1545 describes an XPath Injection vulnerability affecting WatchGuard Fireware OS. This flaw could allow a remote, unauthenticated attacker to potentially retrieve sensitive information directly from the Firebox configuration. The vulnerability is triggered through an exposed authentication or management web interface and only impacts Firebox systems configured with at least one authentication hotspot. This advisory provides a detailed analysis of the vulnerability, its potential impact, and recommended mitigation steps. Technical Details The vulnerability resides within the Fireware OS versions specified below. Specifically, it occurs due to insufficient input sanitization when processing XPath queries within the authentication or management web interface.…

Overview CVE-2025-13940 is a security vulnerability affecting WatchGuard Fireware OS. This vulnerability, classified as an Expected Behavior Violation [CWE-440], allows a potential attacker to bypass the Fireware OS boot-time system integrity check. This bypass can prevent the Firebox from shutting down, even if the system integrity check fails. While the on-demand system integrity check in the Fireware Web UI will correctly display a failed system integrity check message, the underlying protection mechanism during boot may be compromised. Technical Details The vulnerability resides in the boot process of WatchGuard Fireware OS. Specifically, the flaw allows an attacker to potentially circumvent the…

Overview This article details CVE-2025-13939, a Stored Cross-Site Scripting (XSS) vulnerability affecting the Gateway Wireless Controller module in WatchGuard Fireware OS. This vulnerability allows an attacker to inject malicious scripts into web pages viewed by other users, potentially leading to account compromise, data theft, or other malicious activities. The vulnerability affects multiple versions of Fireware OS, highlighting the importance of immediate patching. Technical Details CVE-2025-13939 is a Stored XSS vulnerability, meaning the malicious script is stored on the server (WatchGuard Fireware OS) and executed when other users access the affected web page. The vulnerability stems from improper neutralization of user-supplied…

Overview A Stored Cross-Site Scripting (XSS) vulnerability, identified as CVE-2025-13938, has been discovered in the Autotask Technology Integration module of WatchGuard Fireware OS. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users, potentially leading to unauthorized access, data theft, or other malicious activities. This issue affects the following versions of WatchGuard Fireware OS: 12.4 up to and including 12.11.4 12.5 up to and including 12.5.13 2025.1 up to and including 2025.1.2 Technical Details CVE-2025-13938 is a Stored XSS vulnerability. This means that the malicious script injected by an attacker is permanently stored on the…

Overview CVE-2025-13937 details a stored Cross-Site Scripting (XSS) vulnerability discovered in the ConnectWise Technology Integration module of WatchGuard Fireware OS. This vulnerability allows an attacker to inject malicious scripts into the system, which are then stored and executed whenever a user interacts with the affected area of the Fireware OS interface. This vulnerability affects Fireware OS versions 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2. Technical Details The vulnerability arises from the improper neutralization of user-supplied input during the generation of web pages within the ConnectWise Technology Integration module.…

Overview This article provides a detailed analysis of CVE-2025-13936, a stored Cross-Site Scripting (XSS) vulnerability affecting WatchGuard Fireware OS. This vulnerability, present in the Tigerpaw Technology Integration module, could allow attackers to inject malicious scripts into the system, potentially leading to unauthorized access and data compromise. It’s crucial for WatchGuard users to understand the implications of this vulnerability and take immediate steps to mitigate the risk. Technical Details CVE-2025-13936 is classified as an Improper Neutralization of Input During Web Page Generation (XSS) vulnerability. Specifically, it is a stored XSS vulnerability. This means that the malicious script injected by an attacker…