CVE-2025-1545

EUVD-2025-201297

04.12.2025, 22:15

An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration through an exposed authentication or management web interface. This vulnerability only affects Firebox systems that have at least one authentication hotspot configured.This issue affects Fireware OS 11.11 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.

aka Blind XPath Injection

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 29%

Affected Products (NVD)

Vendor	Product	Version
watchguard	fireware	2025.1 ≤ 𝑥 < 2025.1.3
watchguard	fireware	11.11 ≤ 𝑥 < 12.11.5
watchguard	fireware	11.11 ≤ 𝑥 < 12.5.14

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-91 - XML Injection (aka Blind XPath Injection)
The software does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed by an end system.

References

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00025