Overview A Stored Cross-Site Scripting (XSS) vulnerability, identified as CVE-2025-13938, has been discovered in the Autotask Technology Integration module of WatchGuard Fireware OS. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users, potentially leading to unauthorized access, data theft, or other malicious activities. This issue affects the following versions of WatchGuard Fireware OS: 12.4 up to and including 12.11.4 12.5 up to and including 12.5.13 2025.1 up to and including 2025.1.2 Technical Details CVE-2025-13938 is a Stored XSS vulnerability. This means that the malicious script injected by an attacker is permanently stored on the…

Overview CVE-2025-13937 details a stored Cross-Site Scripting (XSS) vulnerability discovered in the ConnectWise Technology Integration module of WatchGuard Fireware OS. This vulnerability allows an attacker to inject malicious scripts into the system, which are then stored and executed whenever a user interacts with the affected area of the Fireware OS interface. This vulnerability affects Fireware OS versions 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2. Technical Details The vulnerability arises from the improper neutralization of user-supplied input during the generation of web pages within the ConnectWise Technology Integration module.…

Overview This article provides a detailed analysis of CVE-2025-13936, a stored Cross-Site Scripting (XSS) vulnerability affecting WatchGuard Fireware OS. This vulnerability, present in the Tigerpaw Technology Integration module, could allow attackers to inject malicious scripts into the system, potentially leading to unauthorized access and data compromise. It’s crucial for WatchGuard users to understand the implications of this vulnerability and take immediate steps to mitigate the risk. Technical Details CVE-2025-13936 is classified as an Improper Neutralization of Input During Web Page Generation (XSS) vulnerability. Specifically, it is a stored XSS vulnerability. This means that the malicious script injected by an attacker…

Overview CVE-2025-13932 describes a Broken Access Control vulnerability, specifically an Insecure Direct Object Reference (IDOR), found in the SolisCloud API. This flaw allows any authenticated user to access detailed data of any plant managed within the SolisCloud platform. By simply altering the plant_id parameter in API requests, an attacker can bypass intended access controls and view sensitive information of other users’ plants. This vulnerability was published on 2025-12-04T22:15:47.353. Technical Details The SolisCloud API uses the plant_id parameter to identify and retrieve information about specific plants. The vulnerability lies in the lack of proper authorization checks to ensure that the authenticated…

Overview CVE-2025-12986 describes a denial-of-service (DoS) vulnerability affecting WF200 and WGM160P devices when configured to operate as Access Points (APs). This vulnerability can be triggered by sending a specifically crafted, malformed packet to the device. Successful exploitation of this vulnerability may result in the device becoming unresponsive, requiring either an automatic recovery or a manual hard reset. Technical Details The vulnerability lies in the way the WF200/WGM160P devices handle incoming network packets when operating in Access Point mode. A malformed packet, specifically designed to exploit a parsing error or resource exhaustion issue within the device’s firmware, can lead to a…

Overview CVE-2025-12196 is a security vulnerability identified in WatchGuard Fireware OS. This Out-of-Bounds Write vulnerability, present in the Command Line Interface (CLI), could allow an authenticated user with elevated privileges to potentially execute arbitrary code on the affected system. A specifically crafted CLI command is required to exploit this vulnerability. Technical Details The vulnerability stems from insufficient bounds checking within the Fireware OS CLI. An attacker with appropriate credentials can send a malicious CLI command, causing the system to write data beyond the allocated memory buffer. This out-of-bounds write can overwrite critical system data, potentially leading to arbitrary code execution.…

Overview CVE-2025-12195 is a newly discovered security vulnerability affecting WatchGuard Fireware OS. This out-of-bounds write vulnerability in the Command Line Interface (CLI) could allow an authenticated, privileged user to potentially execute arbitrary code on the system. This poses a significant risk to the confidentiality, integrity, and availability of affected WatchGuard firewalls. Technical Details The vulnerability resides within the CLI’s handling of IPSec configuration commands. Specifically, a specially crafted IPSec configuration command can trigger an out-of-bounds write condition. This occurs due to insufficient bounds checking when processing user-supplied data, leading to memory corruption. An attacker with the necessary privileges could exploit…

Overview A critical security vulnerability, identified as CVE-2025-12026, has been discovered in WatchGuard Fireware OS. This is an Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands. This article provides a detailed analysis of the vulnerability, its potential impact, and the necessary mitigation steps. Technical Details CVE-2025-12026 is an Out-of-bounds Write vulnerability affecting the certificate request command within the WatchGuard Fireware OS command-line interface (CLI). An authenticated user with sufficient privileges can exploit this flaw by sending specially crafted CLI commands related to certificate…

Overview A critical memory corruption vulnerability, identified as CVE-2025-11838, has been discovered in WatchGuard Fireware OS. This vulnerability could allow an unauthenticated attacker to trigger a Denial of Service (DoS) condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. Technical Details CVE-2025-11838 stems from a memory corruption flaw within the IKEv2 VPN implementation in WatchGuard Fireware OS. When a dynamic gateway peer is configured, a specially crafted network packet can trigger memory corruption, leading to a system crash and a subsequent Denial of Service (DoS). The vulnerability…

Overview CVE-2025-10285 describes a security vulnerability found in the web interface of the Silicon Labs Simplicity Device Manager. This flaw allows an attacker to potentially extract the NTLMv2 hash of a user accessing the exposed web interface. A successful attacker could then attempt to crack this hash offline, potentially gaining unauthorized access to the user’s domain account. Technical Details The vulnerability stems from the Simplicity Device Manager’s web interface being accessible without proper authentication or authorization controls. An attacker can potentially trigger a process on the vulnerable interface that forces the user’s browser to attempt authentication using NTLMv2. This authentication…