CVE-2026-3343

UNKNOWN 0.0

WatchGuard Firebox Reflected Cross-Site-Scripting (XSS) Vulnerability in Fireware Web UI

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A reflected cross-site scripting (XSS) vulnerability in the Fireware OS Web UI enabled execution of malicious JavaScript in the context of an authenticated management user's browser when they click on a specially crafted link. This vulnerability affects Fireware OS 12.7 up to and including 12.11.7 and 2025.1 up to and including 2026.1.1.

CWE	CWE-79
Vendor	watchguard
Product	fireware os
Published	Mar 3, 2026
Last Updated	Mar 4, 2026

Stay Ahead of the Next One

Get instant alerts for watchguard fireware os

Be the first to know when new unknown vulnerabilities affecting watchguard fireware os are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

WatchGuard / Fireware OS

12.7 ≤ 12.11.7 2025.1 ≤ 2026.1.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

watchguard.com: https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00004

Credits

btaol