Description
A Cross-Site Request Forgery (CSRF) vulnerability in the WatchGuard Fireware OS WebUI could allow a remote attacker to trigger a denial-of-service (DoS) condition in the Fireware Web UI by convincing an authenticated administrator into visiting a malicious web page.This issue affects Fireware OS: 11.8 through 11.12.4+541730, 12.0 through 12.11.8, and 2025.1 through 2026.1.2.
Published: 2026-03-30
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service via CSRF
Action: Immediate Patch
AI Analysis

Impact

An attacker can exploit a cross‑site request forgery flaw in the WatchGuard Fireware OS Web UI. The flaw allows a remote user to trick an authenticated administrator into visiting a crafted web page, causing the Fireware Web UI to crash or become unavailable. The vulnerability is a traditional CSRF weakness (CWE‑352) that results in a denial‑of‑service condition for the web interface, impacting availability and potentially disrupting management functions.

Affected Systems

Directly impacted devices are WatchGuard Fireware OS appliances running versions 11.8 through 11.12.4+541730, 12.0 through 12.11.8, and 2025.1 through 2026.1.2. This includes all Firebox models provisioned with the affected firmware releases.

Risk and Exploitability

With a CVSS base score of 7.1 the vulnerability is considered moderate to high risk. The EPSS score is unavailable, and the issue is not listed in the CISA KEV catalog, suggesting that widespread, automated exploitation may not yet be occurring. The attack requires an attacker to lure a legitimate administrator to a malicious page; no elevation or arbitrary code execution is involved, but the resulting denial of service can impair administrative access and delay critical updates.

Generated by OpenCVE AI on March 30, 2026 at 14:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest WatchGuard firmware update that addresses CVE‑2026‑4315.
  • If a patch is not yet available, isolate the device from untrusted networks until remediation can be applied.
  • Monitor administrator login activity and enforce strict access controls to reduce the likelihood of phishing or social‑engineering attempts.

Generated by OpenCVE AI on March 30, 2026 at 14:35 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 30 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 30 Mar 2026 13:00:00 +0000

Type Values Removed Values Added
Description A Cross-Site Request Forgery (CSRF) vulnerability in the WatchGuard Fireware OS WebUI could allow a remote attacker to trigger a denial-of-service (DoS) condition in the Fireware Web UI by convincing an authenticated administrator into visiting a malicious web page.This issue affects Fireware OS: 11.8 through 11.12.4+541730, 12.0 through 12.11.8, and 2025.1 through 2026.1.2.
Title WatchGuard Firebox Cross-Site Request Forgery (CSRF) in Fireware Web UI
First Time appeared Watchguard
Watchguard fireware Os
Weaknesses CWE-352
CPEs cpe:2.3:a:watchguard:fireware_os:*:*:*:*:*:*:*:11.8
cpe:2.3:a:watchguard:fireware_os:*:*:*:*:*:*:*:12.0
cpe:2.3:a:watchguard:fireware_os:*:*:*:*:*:*:*:12.5
cpe:2.3:a:watchguard:fireware_os:*:*:*:*:*:*:*:2025.1
Vendors & Products Watchguard
Watchguard fireware Os
References
Metrics cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Watchguard Fireware Os
cve-icon MITRE

Status: PUBLISHED

Assigner: WatchGuard

Published:

Updated: 2026-03-30T13:27:05.601Z

Reserved: 2026-03-17T07:45:03.793Z

Link: CVE-2026-4315

cve-icon Vulnrichment

Updated: 2026-03-30T13:27:01.866Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-30T13:16:22.750

Modified: 2026-03-30T13:26:07.647

Link: CVE-2026-4315

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-31T20:40:55Z

Weaknesses