Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-13939

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Gateway Wireless Controller module) allows Stored XSS.This issue affects Fireware OS 11.7.2 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

Published

2025-12-04T22:15:48.000

Last Modified

2025-12-10T16:03:53.653

Status

Analyzed

Source

5d1c2695-1a31-4499-88ae-e847036fd7e3

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses

Type: Secondary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	watchguard	fireware	< 2025.1.3	Yes
Hardware	watchguard	firebox_t115-w	-	No
Hardware	watchguard	firebox_t125	-	No
Hardware	watchguard	firebox_t125-w	-	No
Hardware	watchguard	firebox_t145	-	No
Hardware	watchguard	firebox_t145-w	-	No
Hardware	watchguard	firebox_t185	-	No
Operating System	watchguard	fireware	< 12.11.5	Yes
Hardware	watchguard	firebox_m270	-	No
Hardware	watchguard	firebox_m290	-	No
Hardware	watchguard	firebox_m370	-	No
Hardware	watchguard	firebox_m390	-	No
Hardware	watchguard	firebox_m440	-	No
Hardware	watchguard	firebox_m4600	-	No
Hardware	watchguard	firebox_m470	-	No
Hardware	watchguard	firebox_m4800	-	No
Hardware	watchguard	firebox_m5600	-	No
Hardware	watchguard	firebox_m570	-	No
Hardware	watchguard	firebox_m5800	-	No
Hardware	watchguard	firebox_m590	-	No
Hardware	watchguard	firebox_m670	-	No
Hardware	watchguard	firebox_m690	-	No
Hardware	watchguard	firebox_nv5	-	No
Hardware	watchguard	firebox_t20	-	No
Hardware	watchguard	firebox_t25	-	No
Hardware	watchguard	firebox_t40	-	No
Hardware	watchguard	firebox_t45	-	No
Hardware	watchguard	firebox_t55	-	No
Hardware	watchguard	firebox_t70	-	No
Hardware	watchguard	firebox_t80	-	No
Hardware	watchguard	firebox_t85	-	No
Hardware	watchguard	fireboxcloud	-	No
Hardware	watchguard	fireboxv	-	No
Operating System	watchguard	fireware	< 12.5.14	Yes
Hardware	watchguard	firebox_t15	-	No
Hardware	watchguard	firebox_t35	-	No

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00024 Vendor Advisory (5d1c2695-1a31-4499-88ae-e847036fd7e3)