Which versions of Fireware Os are affected by CVE-2026-4315?

WatchGuard Fireware OS WebUI contains a CSRF vulnerability allowing unauthenticated attackers to trigger denial-of-service conditions against critical firewall management interfaces by deceiving…

How to fix or mitigate CVE-2026-4315?

Within 24 hours: Identify all WatchGuard Fireware OS instances running versions 11.8-11.12.4+541730, 12.0-12.11.8, or 2025.1-2026.1.2 and document locations and administrative user counts. Within 7 days: Implement network-level restrictions limiting WebUI access to trusted administrative IP ranges only; deploy email security controls to block phishing campaigns targeting firewall administrators; brief IT and security teams on the attack vector and instruct them to avoid clicking links in unsolicited emails directing them to the Fireware WebUI. Within 30 days: Contact WatchGuard for patch timeline confirmation and interim updates; evaluate migration to patched versions when released; implement reverse proxy with additional CSRF token validation in front of WebUI if available.

Fireware Os CVE-2026-4315

Q: What is the CVSS score of CVE-2026-4315?

CVE-2026-4315 has a CVSS 4.0 base score of 7.1 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-17081 HIGH

Cross-Site Request Forgery (CSRF) (CWE-352)

2026-03-30 WatchGuard

CSRF Fireware Os

7.1

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

7.1 HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

EUVD ID Assigned

Mar 30, 2026 - 13:00 euvd

EUVD-2026-17081

Analysis Generated

Mar 30, 2026 - 13:00 vuln.today

CVE Published

Mar 30, 2026 - 12:38 nvd

HIGH 7.1

DescriptionCVE.org

A Cross-Site Request Forgery (CSRF) vulnerability in the WatchGuard Fireware OS WebUI could allow a remote attacker to trigger a denial-of-service (DoS) condition in the Fireware Web UI by convincing an authenticated administrator into visiting a malicious web page.This issue affects Fireware OS: 11.8 through 11.12.4+541730, 12.0 through 12.11.8, and 2025.1 through 2026.1.2.

AnalysisAI

Cross-Site Request Forgery (CSRF) in WatchGuard Fireware OS WebUI allows remote attackers to trigger a denial-of-service condition against the Web UI by tricking an authenticated administrator into visiting a malicious webpage. This affects Fireware OS versions 11.8 through 11.12.4+541730, 12.0 through 12.11.8, and 2025.1 through 2026.1.2. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Craft malicious web page with CSRF payload

Exploit

Trick authenticated WatchGuard admin to visit page

Execution

Browser sends forged request to WebUI

Impact

Trigger denial-of-service condition in Fireware Web UI