CVE-2026-3987

UNKNOWN 0.0

WatchGuard Firebox Arbitrary File Write vis Path Traversal in Fireware Web UI

CVSS Score

0.0

EPSS Score

0.4%

EPSS Percentile

59th

A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process.This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and including 2026.1.2.

CWE	CWE-22
Vendor	watchguard
Product	fireware os
Published	Apr 1, 2026
Last Updated	Apr 3, 2026

Stay Ahead of the Next One

Get instant alerts for watchguard fireware os

Be the first to know when new unknown vulnerabilities affecting watchguard fireware os are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

WatchGuard / Fireware OS

12.6.1 ≤ 12.11.8 2025.1 ≤ 2026.1.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

watchguard.com: https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00009

Credits

btaol