CVE-2026-13054
WatchGuard Firebox Arbitrary File Write via Path Traversal in Management Web UI
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
A path traversal vulnerability in the WatchGuard Fireware OS Management Web UI allows a privileged authenticated attacker to write arbitrary files on the Firebox's filesystem. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4_Update1, 12.0 up to and including 12.12 and 2025.1 up to and including 2026.2.
| CWE | CWE-22 |
| Vendor | watchguard |
| Product | fireware os |
| Published | Jul 2, 2026 |
Stay Ahead of the Next One
Get instant alerts for watchguard fireware os
Be the first to know when new unknown vulnerabilities affecting watchguard fireware os are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
WatchGuard / Fireware OS
11.0 โค 11.12.4+541730 12.0 โค 12.12 12.5 โค 12.5.18 2025.1 โค 2026.2
References
Credits
Nicholas Zubrisky (@NZubrisky) of TrendAI Research