CVE-2013-6021
WatchGuard Fireware < 11.8 - Remote Code Execution via Long Session ID Cookie
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2013-6021. PoCs published by st3n.
AI-analyzed exploit summary This exploit targets a remote buffer overflow in WatchGuard Firewall XTM version 11.7.4u1 via the sessionid cookie. It uses a heap spray technique and shellcode to bypass authentication and gain remote code execution.
Description
Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long sessionid value in a cookie.
Exploits (1)
exploitdb
WORKING POC
by st3n · perlremotehardware
https://www.exploit-db.com/exploits/29273
This exploit targets a remote buffer overflow in WatchGuard Firewall XTM version 11.7.4u1 via the sessionid cookie. It uses a heap spray technique and shellcode to bypass authentication and gain remote code execution.
Classification
Working Poc 95%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target:
WatchGuard Firewall XTM <= 11.7.4u1
No auth needed
Prerequisites:
Network access to the target's web console · SSL connectivity to the target
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (7)
Core 7
Core References
Exploit x_refsource_misc
https://funoverip.net/2013/10/watchguard-cve-2013-6021-stack-based-buffer-overflow-exploit/
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/29273
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/98752
Vendor Advisory x_refsource_confirm
http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/
Vendor Advisory x_refsource_confirm
http://watchguardsecuritycenter.com/2013/10/17/watchguard-dimension-and-fireware-xtm-11-8/
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/63227
Patch, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/233990
Scores
EPSS
0.5403
EPSS Percentile
98.1%
Details
CWE
CWE-119
Status
published
Products (12)
watchguard/fireware
11.0.2
watchguard/fireware
11.1
watchguard/fireware
11.2.3
watchguard/fireware
11.3
watchguard/fireware
11.3.6
watchguard/fireware
11.4
watchguard/fireware
11.4.2
watchguard/fireware
11.5.1
watchguard/fireware
11.5.3
watchguard/fireware
11.6.6
... and 2 more
Published
Oct 19, 2013
Tracked Since
Feb 18, 2026