Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-0178

Improper Input Validation vulnerability in WatchGuard Fireware OS allows an attacker to manipulate the value of the HTTP Host header in requests sent to the Web UI. An attacker could exploit this vulnerability to redirect users to malicious websites, poison the web cache, or inject malicious JavaScript into responses sent by the Web UI. This issue affects Fireware OS: from 12.0 up to and including 12.11.

Security Impact Summary

This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 6.1, indicating it can be exploited remotely over the network with relatively low complexity though user interaction is required and does not require pre-existing privileges . The vulnerability impacts limited data confidentiality, limited integrity, for affected systems. Impacting 28 products from watchguard, from watchguard, from watchguard and 25 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

Reported in 2025, this vulnerability emerged during an era marked by increased sophistication in supply chain attacks, cloud infrastructure vulnerabilities, and software-as-a-service (SaaS) security challenges. Security practices during this period emphasized zero-trust architectures, container security, and API protection.

Published

2025-02-14T14:15:32.403

Last Modified

2026-03-02T19:07:18.140

Status

Analyzed

Source

5d1c2695-1a31-4499-88ae-e847036fd7e3

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses

Type: Secondary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	watchguard	fireware	< 12.5.13	Yes
Hardware	watchguard	firebox_t15	*	No
Hardware	watchguard	firebox_t35	*	No
Operating System	watchguard	fireware	< 12.11.1	Yes
Hardware	watchguard	firebox_m270	*	No
Hardware	watchguard	firebox_m290	*	No
Hardware	watchguard	firebox_m370	*	No
Hardware	watchguard	firebox_m390	*	No
Hardware	watchguard	firebox_m440	*	No
Hardware	watchguard	firebox_m4600	*	No
Hardware	watchguard	firebox_m470	*	No
Hardware	watchguard	firebox_m4800	*	No
Hardware	watchguard	firebox_m5600	*	No
Hardware	watchguard	firebox_m570	*	No
Hardware	watchguard	firebox_m5800	*	No
Hardware	watchguard	firebox_m590	*	No
Hardware	watchguard	firebox_m670	*	No
Hardware	watchguard	firebox_m690	*	No
Hardware	watchguard	firebox_nv5	*	No
Hardware	watchguard	firebox_t20	*	No
Hardware	watchguard	firebox_t25	*	No
Hardware	watchguard	firebox_t40	*	No
Hardware	watchguard	firebox_t45	*	No
Hardware	watchguard	firebox_t55	*	No
Hardware	watchguard	firebox_t70	*	No
Hardware	watchguard	firebox_t80	*	No
Hardware	watchguard	firebox_t85	*	No
Hardware	watchguard	fireboxcloud	*	No
Hardware	watchguard	fireboxv	*	No

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00003 Vendor Advisory (5d1c2695-1a31-4499-88ae-e847036fd7e3)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For watchguard's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.