How to fix CVE-2025-1545?

Within 24 hours: Inventory all Firebox deployments, identify systems with authentication hotspots configured, and restrict network access to management interfaces to trusted IPs only. Within 7 days: Implement WAF rules to block XPath injection patterns on management interfaces, disable hotspot authentication features if operationally feasible, or air-gap affected systems pending patch availability. Within 30 days: Monitor WatchGuard security advisories for patch release, conduct configuration audit of affected systems for unauthorized access indicators, and establish compensating controls roadmap with vendor timelines.

Is Fireware affected by CVE-2025-1545?

WatchGuard Firebox systems with authentication hotspots are vulnerable to unauthorized configuration data extraction via XPath injection.

CVE-2025-1545

EUVD-2025-201297 HIGH

2025-12-04 5d1c2695-1a31-4499-88ae-e847036fd7e3

7.5

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 15, 2026 - 16:35 vuln.today

EUVD ID Assigned

Mar 15, 2026 - 16:35 euvd

EUVD-2025-201297

CVE Published

Dec 04, 2025 - 22:15 nvd

HIGH 7.5

Description

An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration through an exposed authentication or management web interface. This vulnerability only affects Firebox systems that have at least one authentication hotspot configured.This issue affects Fireware OS 11.11 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

Analysis

Technical Context

Information disclosure occurs when an application inadvertently reveals sensitive data to unauthorized actors through error messages, logs, or improper access controls.

Affected Products

Affected products: Watchguard Fireware

Remediation

Implement proper access controls. Sanitize error messages in production. Review logging practices to avoid capturing sensitive data.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +38

POC: 0

CVE-2025-1545 vulnerability details – vuln.today

Back

CVE-2025-1545

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-1545

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code