Skip to main content

Fireware CVE-2025-1545

| EUVDEUVD-2025-201297 HIGH
XML Injection (aka Blind XPath Injection) (CWE-91)
2025-12-04 5d1c2695-1a31-4499-88ae-e847036fd7e3
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

3
EUVD ID Assigned
Mar 15, 2026 - 16:35 euvd
EUVD-2025-201297
Analysis Generated
Mar 15, 2026 - 16:35 vuln.today
CVE Published
Dec 04, 2025 - 22:15 nvd
HIGH 7.5

DescriptionCVE.org

An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration through an exposed authentication or management web interface. This vulnerability only affects Firebox systems that have at least one authentication hotspot configured.This issue affects Fireware OS 11.11 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

Analysis

An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration through an exposed authentication or management web interface. This vulnerability only affects Firebox systems that have at least one authentication hotspot configured.This issue affects Fireware OS 11.11 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

Technical ContextAI

Information disclosure occurs when an application inadvertently reveals sensitive data to unauthorized actors through error messages, logs, or improper access controls.

RemediationAI

Implement proper access controls. Sanitize error messages in production. Review logging practices to avoid capturing sensitive data.

CVE-2025-9242 CRITICAL POC
9.3 Sep 17

WatchGuard Fireware OS contains an out-of-bounds write in IKEv2 VPN handling enabling unauthenticated remote code execut

CVE-2025-11838 HIGH
7.5 Dec 04

A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of

CVE-2025-12196 HIGH
7.2 Dec 04

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to exe

CVE-2025-12195 HIGH
7.2 Dec 04

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to exe

CVE-2026-3342 HIGH
7.2 Mar 03

WatchGuard Fireware OS contains an out-of-bounds write vulnerability in its management interface that permits authentica

CVE-2025-12026 HIGH
7.2 Dec 04

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS’s certificate request command could allow an authenticate

CVE-2025-1547 HIGH
7.2 Dec 04

A stack-based buffer overflow vulnerability [CWE-121] in WatchGuard Fireware OS's certificate request command could allo

CVE-2026-3343 MEDIUM
6.1 Mar 03

Fireware OS Web UI contains a reflected XSS vulnerability that allows attackers to execute arbitrary JavaScript in authe

CVE-2025-13939 MEDIUM
6.1 Dec 04

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard

CVE-2025-13938 MEDIUM
6.1 Dec 04

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard

CVE-2025-13937 MEDIUM
6.1 Dec 04

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard

CVE-2025-13936 MEDIUM
6.1 Dec 04

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard

Share

CVE-2025-1545 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy