CVE-2026-13371
WatchGuard Firebox Management Web UI Denial of Service via Unsafe Deserialization
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
An authenticated administrator can trigger a denial-of-service condition in the Fireware Management Web UI by sending malformed or crafted data to the put_data endpoint, which performs unsafe deserialization of the attacker-supplied input.
| CWE | CWE-502 |
| Vendor | watchguard |
| Product | fireware os |
| Published | Jul 2, 2026 |
Stay Ahead of the Next One
Get instant alerts for watchguard fireware os
Be the first to know when new unknown vulnerabilities affecting watchguard fireware os are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
WatchGuard / Fireware OS
12.0 โค 12.12 12.5 โค 12.5.18 2025.1 โค 2026.2
References
Credits
Cody Sixteen