PT-2026-29023 · Watchguard · Watchguard Fireware
Simone Paganessi
·
Published
2026-03-30
·
Updated
2026-03-30
·
CVE-2026-4315
CVSS v4.0
7.1
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
WatchGuard Fireware OS versions 11.8 through 11.12.4+541730
WatchGuard Fireware OS versions 12.0 through 12.11.8
WatchGuard Fireware OS versions 2025.1 through 2026.1.2
Description
A Cross-Site Request Forgery (CSRF) issue in the Fireware OS WebUI could allow a remote attacker to trigger a denial-of-service (DoS) condition in the Fireware Web UI by convincing an authenticated administrator into visiting a malicious web page.
Recommendations
WatchGuard Fireware OS versions 11.8 through 11.12.4+541730: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
WatchGuard Fireware OS versions 12.0 through 12.11.8: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
WatchGuard Fireware OS versions 2025.1 through 2026.1.2: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Watchguard Fireware