Back to CVE List

CVE-2026-4266

Vulnerability Description

An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another vulnerability to execute arbitrary code in the context of the portald user.This issue affects Fireware OS: 12.1 through 12.11.8 and 2025.1 through 2026.1.2.

Note, this vulnerability does not affect Firebox platforms that do not support the Access Portal feature, including the T-15 and T-35.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-502
Source
NVD

External References

Discussion (0)

Add Comment

No comments yet. Be the first!