CVE Catalog

CVE-2026-13377

Medium · CVSS 4.8

Summary

A stored XSS vulnerability in the SIP Proxy module of WatchGuard Fireware OS. Improper input neutralization allows injection of a malicious script that is stored on the server. This is an additional unmitigated attack path for CVE-2025-6947.

Risk Assessment

An attacker can inject a persistent script that executes in administrators' or users' browsers, leading to session hijacking, account takeover, or sensitive data theft.

Recommendation

Immediately upgrade Fireware OS to a version newer than 12.12, 12.5.18, or 2026.2, depending on the release branch. If an upgrade is not possible, consider temporarily disabling the SIP Proxy module.

Original NVD description (English source)

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-6947. This issue affects Fireware OS 12.0 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS