WatchGuard Firebox Arbitrary File Write vis Path Traversal in Fireware Web UI

A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and including 2026.1.2.

N/A

对路径名的限制不恰当(路径遍历)

WatchGuard Firebox Fireware OS 安全漏洞

WatchGuard Firebox Fireware OS是美国WatchGuard公司的一款为防火墙设备提供安全防护与流量控制能力的操作系统。 WatchGuard Firebox Fireware OS 12.6.1至12.11.8版本和2025.1至2026.1.2版本存在安全漏洞，该漏洞源于Web UI存在路径遍历，可能导致经过身份验证的远程特权攻击者在提升的系统进程环境中执行任意代码。

N/A

N/A