A vulnerability marked as critical has been reported in WatchGuard Fireware OS up to 11.12.4+541730/12.5.18/12.12/2026.2. Affected is an unknown function. Performing a manipulation results in path traversal. This vulnerability was named CVE-2026-13054. The attack may be initiated remotely.
| Vendor | Product | Versions |
|---|---|---|
| watchguard | fireware os | 11.0, 12.0, 12.5, 2025.1, 11.12.4+541730, 12.5.18 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| watchguard | firebox | cert_advisory | 90% |
Updated severity to CRITICAL, added affected versions 11.12.4+541730 and 12.5.18, and noted that the vulnerability is actively exploited.
Initial creation