CVE-2025-1545

Summary

An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration through an exposed authentication or management web interface. This vulnerability only affects Firebox systems that have at least one authentication hotspot configured.This issue affects Fireware OS 11.11 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

Affected Software

VendorProductVersion RangeStatus
WatchGuardFireware OS11.11 <= 11.12.4+541730affected
WatchGuardFireware OS12.0 <= 12.11.4affected
WatchGuardFireware OS12.5 <= 12.5.13affected
WatchGuardFireware OS2025.1 <= 2025.1.2affected

Weaknesses

  • CWE-91: CWE-91 XML Injection (aka Blind XPath Injection)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References