CVE-2026-4315

UNKNOWN 0.0

WatchGuard Firebox Cross-Site Request Forgery (CSRF) in Fireware Web UI

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A Cross-Site Request Forgery (CSRF) vulnerability in the WatchGuard Fireware OS WebUI could allow a remote attacker to trigger a denial-of-service (DoS) condition in the Fireware Web UI by convincing an authenticated administrator into visiting a malicious web page.This issue affects Fireware OS: 11.8 through 11.12.4+541730, 12.0 through 12.11.8, and 2025.1 through 2026.1.2.

CWE	CWE-352
Vendor	watchguard
Product	fireware os
Published	Mar 30, 2026
Last Updated	Mar 30, 2026

Stay Ahead of the Next One

Get instant alerts for watchguard fireware os

Be the first to know when new unknown vulnerabilities affecting watchguard fireware os are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

WatchGuard / Fireware OS

11.8 ≤ 11.12.4+541730 12.0 ≤ 12.11.8 12.5 ≤ 12.5.17 2025.1 ≤ 2026.1.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

watchguard.com: https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00006

Credits

Simone Paganessi (https://www.linkedin.com/in/simonepaganessi)