Simone Paganessi

**Name of the Vulnerable Software and Affected Versions** WatchGuard Fireware OS versions 11.8 through 11.12.4+541730 WatchGuard Fireware OS versions 12.0 through 12.11.8 WatchGuard Fireware OS versions 2025.1 through 2026.1.2 **Description** A Cross-Site Request Forgery (CSRF) issue in the Fireware OS WebUI could allow a remote attacker to trigger a denial-of-service (DoS) condition in the Fireware Web UI by convincing an authenticated administrator into visiting a malicious web page. **Recommendations** WatchGuard Fireware OS versions 11.8 through 11.12.4+541730: At the moment, there is no information about a newer version that contains a fix for this vulnerability. WatchGuard Fireware OS versions 12.0 through 12.11.8: At the moment, there is no information about a newer version that contains a fix for this vulnerability. WatchGuard Fireware OS versions 2025.1 through 2026.1.2: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WatchGuard Fireware OS versions 12.4 through 12.11.4 WatchGuard Fireware OS versions 12.5 through 12.5.13 WatchGuard Fireware OS versions 2025.1 through 2025.1.2 **Description** A flaw exists in the Tigerpaw Technology Integration module of WatchGuard Fireware OS that allows for Stored Cross-site Scripting (XSS). This issue is due to improper neutralization of input during web page generation. Successful exploitation could allow an attacker to inject malicious scripts into web pages viewed by other users. **Recommendations** Update WatchGuard Fireware OS to a version later than 12.11.4. Update WatchGuard Fireware OS to a version later than 12.5.13. Update WatchGuard Fireware OS to a version later than 2025.1.2.

**Name of the Vulnerable Software and Affected Versions** WatchGuard Fireware OS versions 12.4 through 12.11.4 WatchGuard Fireware OS versions 12.5 through 12.5.13 WatchGuard Fireware OS versions 2025.1 through 2025.1.2 **Description** A flaw exists in the ConnectWise Technology Integration module of WatchGuard Fireware OS that allows for Stored Cross-site Scripting (XSS). This issue is due to improper neutralization of input during web page generation. Stored XSS occurs when a malicious script is stored on the target server and then executed by other users when they access the affected web page. **Recommendations** Update WatchGuard Fireware OS to a version later than 12.11.4. Update WatchGuard Fireware OS to a version later than 12.5.13. Update WatchGuard Fireware OS to a version later than 2025.1.2.

**Name of the Vulnerable Software and Affected Versions** WatchGuard Fireware OS versions 12.4 through 12.11.4 WatchGuard Fireware OS versions 12.5 through 12.5.13 WatchGuard Fireware OS versions 2025.1 through 2025.1.2 **Description** A flaw exists in the Autotask Technology Integration module of WatchGuard Fireware OS that allows for Stored Cross-site Scripting (XSS). This issue is due to improper neutralization of input during web page generation. **Recommendations** Update WatchGuard Fireware OS to a version later than 12.11.4. Update WatchGuard Fireware OS to a version later than 12.5.13. Update WatchGuard Fireware OS to a version later than 2025.1.2.

**Name of the Vulnerable Software and Affected Versions** WatchGuard Fireware OS versions 11.7.2 through 11.12.4+541730 WatchGuard Fireware OS versions 12.0 through 12.11.4 WatchGuard Fireware OS versions 12.5 through 12.5.13 WatchGuard Fireware OS versions 2025.1 through 2025.1.2 **Description** A flaw exists in the Gateway Wireless Controller module of WatchGuard Fireware OS that allows for Stored Cross-site Scripting (XSS). This issue is due to improper neutralization of input during web page generation. Successful exploitation could allow an attacker to inject malicious scripts into web pages viewed by other users. **Recommendations** Update WatchGuard Fireware OS to a version later than 11.12.4+541730. Update WatchGuard Fireware OS to a version later than 12.11.4. Update WatchGuard Fireware OS to a version later than 12.5.13. Update WatchGuard Fireware OS to a version later than 2025.1.2.

Name of the Vulnerable Software and Affected Versions: WatchGuard Fireware OS versions 12.0 through 12.1.1 is incorrect, the correct range is: WatchGuard Fireware OS versions 12.0 through 12.11.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS attacks. To exploit this issue, an authenticated administrator session to a locally managed Firebox is required. Recommendations: For WatchGuard Fireware OS versions 12.0 through 12.11.1, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WatchGuard Fireware OS versions 12.0 through 12.5.12+701324 WatchGuard Fireware OS versions 12.6 through 12.11 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS via the spamBlocker module. The vulnerability requires an authenticated administrator session to a locally managed Firebox. **Recommendations** For versions 12.0 through 12.5.12+701324, update to a version outside of this range to mitigate the risk. For versions 12.6 through 12.11, update to a version outside of this range to mitigate the risk. As a temporary workaround, consider disabling the spamBlocker module until a patch is available.

Name of the Vulnerable Software and Affected Versions: WatchGuard Fireware OS versions 12.0 through 12.5.12+701324 WatchGuard Fireware OS versions 12.6 through 12.11 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS via the Blocked Sites list. The vulnerability requires an authenticated administrator session to a locally managed Firebox. Recommendations: For versions 12.0 through 12.5.12+701324, update to a version outside of this range to mitigate the risk. For versions 12.6 through 12.11, update to a version outside of this range to mitigate the risk. As a temporary workaround, consider restricting access to the Blocked Sites list until a patch is available.