CVE-2025-4106

Published: Oct 24, 2025

Modified: Feb 26, 2026

PUBLISHED

Description

An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command. This issue affects Fireware OS: from 12.0 before 12.11.2.

Vendor	Product	Versions
WatchGuard	Fireware OS	affected `12.0 - < 12.11.2`

Weaknesses (CWE)

CWE-489

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00010

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-4106

Description

Affected Products

Weaknesses (CWE)

References