Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

Fireware OS — Vulnerabilities & Security Advisories 31

All 31 CVE vulnerabilities found in Fireware OS, with AI-generated Chinese analysis, references, and POCs.

This page provides a comprehensive aggregation of identified software vulnerabilities within the Fireware OS product line, categorized under general security weakness classifications. It serves as a centralized resource for tracking security flaws affecting this specific network operating system used in Fortinet infrastructure devices. The collection includes a diverse range of vulnerability types, such as buffer overflows, input validation errors, authentication bypasses, and privilege escalation flaws. The data spans from the initial release of Fireware OS through the most recent updates, ensuring historical context is available for older versions while capturing critical findings in current deployments. This time range allows users to analyze trends and see how remediation efforts have evolved over the product’s lifecycle. Visitors can utilize this resource to track vendor security advisories, helping them stay informed about patch releases and mitigation strategies. The page also aids in understanding specific weakness classes by showing their impact and frequency within the Fireware environment. Additionally, users can look up a product’s vulnerability history to assess risk exposure for specific versions. By consolidating this information, the page supports security professionals in making informed decisions regarding upgrade paths, configuration hardening, and incident response planning for networks relying on Fireware OS.

Vendor: WatchGuard

CVE IDTitleCVSSSeverityPublished
CVE-2026-3987 WatchGuard Firebox Arbitrary File Write vis Path Traversal in Fireware Web UI CWE-22 7.2AIHighAI2026-04-01
CVE-2026-4315 WatchGuard Firebox Cross-Site Request Forgery (CSRF) in Fireware Web UI CWE-352 6.5 -2026-03-30
CVE-2026-4266 WatchGuard Firebox Insecure Deserialization in Fireware Access Portal CWE-502 7.8 -2026-03-30
CVE-2026-3344 WatchGuard Firebox System Integrity Check Bypass CWE-440 6.8AIMediumAI2026-03-03
CVE-2026-3343 WatchGuard Firebox Reflected Cross-Site-Scripting (XSS) Vulnerability in Fireware Web UI CWE-79 6.1AIMediumAI2026-03-03
CVE-2026-3342 WatchGuard Firebox Out of Bounds Write Vulnerability CWE-787 7.2AIHighAI2026-03-03
CVE-2026-1498 WatchGuard Firebox LDAP Injection CWE-90 7.5AIHighAI2026-01-30
CVE-2025-14733 WatchGuard Firebox iked Out of Bounds Write Vulnerability CWE-787 9.8 -2025-12-19
CVE-2025-1547 WatchGuard Firebox Authenticated Stack Overflow in Certificate Request Command CWE-121 6.7AIMediumAI2025-12-04
CVE-2025-6946 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in IPS Configuration CWE-79 4.8AIMediumAI2025-12-04
CVE-2025-1545 WatchGuard Firebox XPath Injection Vulnerability in Web CGI CWE-91 7.5AIHighAI2025-12-04
CVE-2025-11838 WatchGuard Firebox iked Memory Corruption Vulnerability CWE-763 7.5AIHighAI2025-12-04
CVE-2025-13940 WatchGuard Firebox Boot Time System Integrity Check Bypass CWE-440 9.1AICriticalAI2025-12-04
CVE-2025-13939 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Gateway Wireless Controller CWE-79 5.4AIMediumAI2025-12-04
CVE-2025-13938 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Autotask Technology Integration Configuration CWE-79 5.4AIMediumAI2025-12-04
CVE-2025-13937 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in ConnectWise Technology Integration Configuration CWE-79 5.4AIMediumAI2025-12-04
CVE-2025-13936 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Tigerpaw Technology Integration Configuration CWE-79 4.8AIMediumAI2025-12-04
CVE-2025-12196 WatchGuard Firebox Authenticated Out of Bounds Write in Management CLI Ping Command CWE-787 6.7AIMediumAI2025-12-04
CVE-2025-12195 WatchGuard Firebox Authenticated Out of Bounds Write in Management CLI IPSec Configuration CWE-787 6.7AIMediumAI2025-12-04
CVE-2025-12026 WatchGuard Firebox Authenticated Out of Bounds Write in certd CWE-787 6.7AIMediumAI2025-12-04
CVE-2025-4106 WatchGuard Firebox leftover debug code vulnerability CWE-489 7.2 -2025-10-24
CVE-2025-9242 WatchGuard Firebox iked Out of Bounds Write Vulnerability CWE-787 9.8AICriticalAI2025-09-17
CVE-2025-6947 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in SIP Proxy Configuration CWE-79 4.8AIMediumAI2025-09-15
CVE-2025-6999 WatchGuard Firebox Authentication Portal Request Smuggling Vulnerability CWE-444 6.1AIMediumAI2025-09-15
CVE-2025-4805 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Acces Portal Configuration CWE-79 4.8AIMediumAI2025-05-16
CVE-2025-4804 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Hotpot Configuration CWE-79 4.8AIMediumAI2025-05-16
CVE-2025-0178 WatchGaurd Firebox Host Header Injection Vulnerability CWE-20 5.4 -2025-02-14
CVE-2025-1239 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Blocked Sites List CWE-79 4.8 -2025-02-14
CVE-2025-1071 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in spamBlocker Module CWE-79 4.8 -2025-02-14
CVE-2022-31749 Authenticated arbitrary file read/write in WatchGuard Fireware OS CWE-88 6.5 Medium2025-01-27

All 31 known CVE vulnerabilities affecting Fireware OS with full Chinese analysis, references, and POCs where available.