What is the CVSS score of CVE-2025-1545?

CVE-2025-1545 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. EPSS exploitation probability: 0.1%.

Which versions of Fireware are affected by CVE-2025-1545?

WatchGuard Firebox systems with authentication hotspots are vulnerable to unauthorized configuration data extraction via XPath injection.

How to fix or mitigate CVE-2025-1545?

Within 24 hours: Inventory all Firebox deployments, identify systems with authentication hotspots configured, and restrict network access to management interfaces to trusted IPs only. Within 7 days: Implement WAF rules to block XPath injection patterns on management interfaces, disable hotspot authentication features if operationally feasible, or air-gap affected systems pending patch availability. Within 30 days: Monitor WatchGuard security advisories for patch release, conduct configuration audit of affected systems for unauthorized access indicators, and establish compensating controls roadmap with vendor timelines.

Fireware CVE-2025-1545

EUVD-2025-201297 HIGH

XML Injection (aka Blind XPath Injection) (CWE-91)

2025-12-04 5d1c2695-1a31-4499-88ae-e847036fd7e3

Information Disclosure Fireware

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 16:35 euvd

EUVD-2025-201297

Analysis Generated

Mar 15, 2026 - 16:35 vuln.today

CVE Published

Dec 04, 2025 - 22:15 nvd

HIGH 7.5

DescriptionNVD

An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration through an exposed authentication or management web interface. This vulnerability only affects Firebox systems that have at least one authentication hotspot configured.This issue affects Fireware OS 11.11 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

Analysis

Technical ContextAI

Information disclosure occurs when an application inadvertently reveals sensitive data to unauthorized actors through error messages, logs, or improper access controls.

RemediationAI

Implement proper access controls. Sanitize error messages in production. Review logging practices to avoid capturing sensitive data.

CVE-2025-1545 vulnerability details – vuln.today

Back

Fireware CVE-2025-1545

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

Analysis

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code