CVE-2025-6946

Published: Dec 4, 2025Modified: Dec 10, 2025

4.8

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: 5d1c2695-1a31-4499-88ae-e847036fd7e3 (Secondary)

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the IPS module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects Firebox: from 12.0 through 12.11.2.

Affected (2)

Products: Watchguard: Fireware

Watchguard

1 product

Fireware

Configuration A

1 vulnerable · 25 platform

Vulnerable Software	Affected Versions
Watchguard Fireware	From 12.0.0 to 12.11.3

Running on/with	Platform Versions
Watchguard Firebox M270	All versions
Watchguard Firebox M290	All versions
Watchguard Firebox M370	All versions
Watchguard Firebox M390	All versions
Watchguard Firebox M440	All versions
Watchguard Firebox M4600	All versions
Watchguard Firebox M470	All versions
Watchguard Firebox M4800	All versions
Watchguard Firebox M5600	All versions
Watchguard Firebox M570	All versions
Watchguard Firebox M5800	All versions
Watchguard Firebox M590	All versions
Watchguard Firebox M670	All versions
Watchguard Firebox M690	All versions
Watchguard Firebox Nv5	All versions
Watchguard Firebox T20	All versions
Watchguard Firebox T25	All versions
Watchguard Firebox T40	All versions
Watchguard Firebox T45	All versions
Watchguard Firebox T55	All versions
Watchguard Firebox T70	All versions
Watchguard Firebox T80	All versions
Watchguard Firebox T85	All versions
Watchguard Fireboxcloud	All versions
Watchguard Fireboxv	All versions

Configuration B

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Watchguard Fireware	From 12.5 to 12.5.13

Running on/with	Platform Versions
Watchguard Firebox T15	All versions
Watchguard Firebox T35	All versions

Related CWEs

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (1)

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00011

Source: 5d1c2695-1a31-4499-88ae-e847036fd7e3

Vendor Advisory

Timeline

No history available yet.