A vulnerability was found in WatchGuard Fireware OS up to 12.12/2026.2. It has been declared as critical. Impacted is an unknown function of the component Access Portal Feature. Executing a manipulation can lead to hard-coded credentials. This vulnerability appears as CVE-2026-13728. The attack may be performed from remote.
| Vendor | Product | Versions |
|---|---|---|
| watchguard | fireware os | 12.1, 2025.1 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| watchguard | firebox | cert_advisory | 90% |
Updated severity to CRITICAL, marked as actively exploited, and corrected exploit availability to false.
Initial creation