CVE-2026-4315
CSRF Vulnerability in WatchGuard Fireware WebUI Causes DoS
Publication date: 2026-03-30
Last updated on: 2026-03-30
Assigner: WatchGuard Technologies, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| watchguard | fireware_os | From 11.8 (inc) to 11.12.4 (inc) |
| watchguard | fireware_os | From 12.0 (inc) to 12.11.8 (inc) |
| watchguard | fireware_os | From 2025.1 (inc) to 2026.1.2 (inc) |
| watchguard | fireware_os | 2026.2 |
| watchguard | fireware_os | 12.12 |
| watchguard | fireware_os | 12.5.18 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-4315 is a Cross-Site Request Forgery (CSRF) vulnerability found in the WatchGuard Fireware OS Web User Interface (Web UI).
This vulnerability allows a remote attacker to cause a denial-of-service (DoS) condition in the Fireware Web UI by tricking an authenticated administrator into visiting a malicious web page.
It affects multiple versions of Fireware OS, including 11.8 through 11.12.4_Update1, 12.0 through 12.11.8, and 2025.1 through 2026.1.2.
How can this vulnerability impact me?
The vulnerability can be exploited by a remote attacker to trigger a denial-of-service (DoS) condition in the Fireware Web UI.
This means that an attacker could disrupt the availability of the Fireware Web UI by convincing an authenticated administrator to visit a malicious web page.
The impact is primarily on availability, potentially preventing administrators from managing the device through the Web UI.
What immediate steps should I take to mitigate this vulnerability?
There is no available workaround for this vulnerability.
The issue has been resolved in Fireware OS versions 2026.2 for the 2025.1 branch, 12.12 for the 12.x branch, and 12.5.18 for the 12.5.x branch (T15 & T35 models).
To mitigate this vulnerability, you should immediately upgrade your Fireware OS to one of these fixed versions.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not specify how the CVE-2026-4315 vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The provided resources do not give a specific detection method, network scanning tool or command for identifying CVE-2026-4315 on your network or system.
The vulnerability affects WatchGuard Fireware OS Web UI versions 11.8 through 11.12.4+541730, 12.0 through 12.11.8, and 2025.1 through 2026.1.2, so detection primarily involves checking the Fireware OS version running on your WatchGuard devices and comparing it against these affected versions.
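The version comparison described above, as an added example (not code from this page or from WatchGuard): it checks Fireware OS version strings against the ranges listed here. It assumes that 12.5.18 and later 12.5.x releases are fixed, as the mitigation answer states for the 12.5.x branch, and that only the first three numeric components of a version matter; the inventory hostnames are constructed.

```python
import re

# Affected ranges (inclusive) as listed on this page, padded to three components.
AFFECTED_RANGES = [
    ((11, 8, 0), (11, 12, 4)),
    ((12, 0, 0), (12, 11, 8)),
    ((2025, 1, 0), (2026, 1, 2)),
]
# Assumption: 12.5.18 and any later 12.5.x release carry the fix, although they
# sort inside the 12.0 - 12.11.8 range when compared numerically.
FIXED_12_5_BRANCH = (12, 5, 18)


def parse_version(text):
    """Return (major, minor, patch); suffixes like '_Update1' or '+541730' are ignored."""
    match = re.match(r"\s*v?(\d+(?:\.\d+)*)", text)
    if not match:
        raise ValueError(f"no version number in {text!r}")
    parts = [int(p) for p in match.group(1).split(".")][:3]
    return tuple(parts + [0] * (3 - len(parts)))


def is_affected(version_text):
    """True if the version falls in a listed range and is not a fixed 12.5.x build."""
    version = parse_version(version_text)
    if version[:2] == (12, 5) and version >= FIXED_12_5_BRANCH:
        return False
    return any(low <= version <= high for low, high in AFFECTED_RANGES)


def audit(inventory):
    """Return the sorted names of devices whose version is affected."""
    return sorted(name for name, ver in inventory.items() if is_affected(ver))


# Constructed inventory: hostnames and versions are sample values.
SAMPLE_INVENTORY = {
    "fw-branch-01": "12.11.8",
    "fw-branch-02": "12.12",
    "fw-t35-lab": "12.5.18",
    "fw-legacy": "11.12.4_Update1",
    "fw-hq": "2026.1.2",
    "fw-dr": "2026.2",
}

if __name__ == "__main__":
    for host in audit(SAMPLE_INVENTORY):
        print(f"{host}: upgrade required ({SAMPLE_INVENTORY[host]})")
```

A plain numeric range check would flag 12.5.18 as affected because it sorts below 12.11.8; the branch exception is what keeps patched T15 and T35 devices out of the report.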