本ページは watchguard firebox に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-6947 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the SIP Proxy module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects Firebox: from 12.0 through 12.11.2. | 5d1c2695-1a31-4499-88ae-e847036fd7e3 | 4.8 | 0.34% | 2025-09-15 | 2026-06-17 |
| CVE-2002-1520 | The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not properly close the SSH connection when a -N option is provided during authentication, which allows remote attackers to access CLI with administrator privileges. | [email protected] | 10.0 | 2.77% | 2003-04-02 | 2026-06-16 |
| CVE-2002-1519 | Format string vulnerability in the CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the password parameter. | [email protected] | 10.0 | 4.28% | 2003-04-02 | 2026-06-16 |
| CVE-2002-1046 | Dynamic VPN Configuration Protocol service (DVCP) in Watchguard Firebox firmware 5.x.x allows remote attackers to cause a denial of service (crash) via a malformed packet containing tab characters to TCP port 4110. | [email protected] | 5.0 | 1.74% | 2002-10-04 | 2026-06-16 |
| CVE-2000-0783 | Watchguard Firebox II allows remote attackers to cause a denial of service by sending a malformed URL to the authentication service on port 4100. | [email protected] | 5.0 | 1.77% | 2000-10-20 | 2026-06-16 |