WatchGuard Firebox Host Header Injection Vulnerability
Updated September 17 2025: Updated to add Fireware OS 12.5.13 as a resolved release
An Improper Input Validation vulnerability in WatchGuard Fireware OS allows an attacker with network access to manipulate the value of the HTTP Host header in requests sent to the Web UI. An attacker could exploit this vulnerability to redirect users to malicious websites, poison the web cache, or inject malicious JavaScript into responses sent by the Web UI.
This issue affects Fireware OS: from 12.0 up to and including 12.11.
| Vulnerable Version | Resolved Version |
|---|---|
| 12.x | 12.11.1 |
| 12.5.x (T15 & T35 models) | 12.5.13 |

| Product Family | Product Branch | Product List |
|---|---|---|
| Firebox | Fireware OS 12.5.x | T15, T35 |
| Firebox | Fireware OS 12.x | T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV |
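
One way to triage a device inventory against the version tables above, added here as an example and not WatchGuard code. The inventory rows and device names are constructed, and treating 12.5.13 as a resolved release only for T15 and T35 (all other models need 12.11.1) is an assumption read from the resolved-version table.

```python
import re

# From the advisory: T15/T35 stay on the 12.5.x branch, fixed in 12.5.13;
# every other listed model is fixed in 12.11.1.
BRANCH_12_5_MODELS = {"T15", "T35"}
FIXED_12_5 = (12, 5, 13)
FIXED_12_X = (12, 11, 1)

def parse_version(text):
    """Return the leading dotted-numeric part of a version string as a tuple."""
    m = re.match(r"\s*v?(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    v = tuple(int(p) for p in m.group(1).split("."))
    return v + (0,) * (3 - len(v))  # pad "12.11" to (12, 11, 0)

def status(model, version):
    """Classify one device as 'affected', 'resolved' or 'not-listed'."""
    v = parse_version(version)
    if v[0] != 12:
        return "not-listed"  # advisory only speaks about Fireware OS 12.x
    # Assumption: 12.5.13 counts as a fix only on the T15/T35 branch.
    fixed = FIXED_12_5 if model.upper() in BRANCH_12_5_MODELS else FIXED_12_X
    return "resolved" if v >= fixed else "affected"

def triage(inventory):
    """Return (name, model, version, status) rows, affected devices first."""
    rows = [(n, m, ver, status(m, ver)) for n, m, ver in inventory]
    return sorted(rows, key=lambda r: r[3] != "affected")

# Constructed sample inventory: (device name, model, Fireware OS version).
INVENTORY = [
    ("branch-02", "T15", "12.5.13"),
    ("branch-01", "T35", "12.5.12"),
    ("dc-edge", "M590", "12.11.1"),
    ("hq-core", "M4800", "12.11"),
    ("lab", "T45", "12.5.13"),
]

if __name__ == "__main__":
    for name, model, version, state in triage(INVENTORY):
        print(f"{state:10} {name:10} {model:6} {version}")
```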