Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Autotask Technology Integration module) allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13938.

This issue affects Fireware OS 12.4 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.
Published: 2026-07-02
Score: 4.8 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The CVE describes an improper neutralization of input during web page generation in the Autotask Technology Integration configuration of WatchGuard Fireware OS. Stored cross-site scripting can be triggered by submitting malicious payloads that are saved in the configuration and later rendered in the browser when the configuration page is loaded. An attacker who can inject such input can execute arbitrary JavaScript in the context of an authenticated user, potentially stealing session cookies, redirecting users, or installing malware. This vulnerability is an additional unmitigated attack path for the earlier CVE-2025-13938.

Affected Systems

Affected systems are devices running WatchGuard Fireware OS, specifically versions 12.4 through 12.12, 12.5 through 12.5.18, and 2025.1 through 2026.2. The flaw resides in the Autotask Technology Integration module, which is accessed through the web-based management interface of Firebox appliances.

Risk and Exploitability

The CVSS 4.0 score is 4.8, indicating moderate severity; the vector (PR:H/UI:P) records that exploitation requires high privileges and user interaction. The EPSS score is not available, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. The attack vector is likely through the secured web management console, requiring authenticated access to the Autotask configuration page; therefore the risk is limited to privileged users or those who can compromise an existing authenticated session. Given the moderate CVSS, the risk to environments that do not expose the management interface externally is lower, but upgrading promptly is still advisable.

Generated by OpenCVE AI on July 3, 2026 at 02:59 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware release from WatchGuard to remove the XSS flaw
  • Restrict access to the Fireware web management interface to trusted administrators only
  • If the Autotask Technology Integration module is unnecessary, disable or uninstall it to eliminate the vulnerable code


Advisories

No advisories yet.

History

Thu, 02 Jul 2026 23:30:00 +0000

Type | Values Removed | Values Added
Description | | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Autotask Technology Integration module) allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13938. This issue affects Fireware OS 12.4 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.
Title | | WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Autotask Technology Integration Configuration
First Time appeared | | Watchguard; Watchguard fireware Os
Weaknesses | | CWE-79
CPEs | | cpe:2.3:a:watchguard:fireware_os:*:*:*:*:*:*:*:12.4; cpe:2.3:a:watchguard:fireware_os:*:*:*:*:*:*:*:12.5; cpe:2.3:a:watchguard:fireware_os:*:*:*:*:*:*:*:2025.1
Vendors & Products | | Watchguard; Watchguard fireware Os
References | |
Metrics | | cvssV4_0 {'score': 4.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N'}


Subscriptions

Watchguard Fireware Os
MITRE

Status: PUBLISHED

Assigner: WatchGuard

Published:

Updated: 2026-07-02T23:05:20.273Z

Reserved: 2026-06-25T20:31:08.245Z

Link: CVE-2026-13375

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-07-03T03:00:06Z

Weaknesses
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')