CVE-2026-3987

HIGH

WatchGuard Firebox Arbitrary File Write via Path Traversal in Fireware Web UI

Title source: cna

Description

A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated system process. This issue affects Fireware OS 12.6.1 up to and including 12.11.8 and 2025.1 up to and including 2026.1.2.

Scores

CVSS v4 8.6
EPSS 0.0059
EPSS Percentile 43.4%
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-22
Status published
Products (2)
WatchGuard/Fireware OS 12.6.1 - 12.11.8
WatchGuard/Fireware OS 2025.1 - 2026.1.2
Published Apr 01, 2026
Tracked Since Apr 02, 2026