Denial of Service Vulnerability in Fireware Management Web UI by WatchGuard
CVE-2026-13371
6.9MEDIUM
What is CVE-2026-13371?
An authenticated administrator can exploit a flaw in the Fireware Management Web UI by sending specially crafted data to the put_data endpoint. This endpoint is susceptible to unsafe deserialization, which can lead to a denial-of-service condition, disrupting the application's availability. Proper input validation and sanitization measures should be implemented to mitigate this vulnerability.
Affected Version(s)
Fireware OS 12.0 <= 12.12
Fireware OS 12.5 <= 12.5.18
Fireware OS 2025.1 <= 2026.2
