1. Home
  2. CVE Database
  3. CVE-2025-6999
NONE · 0

CVE-2025-6999

An HTTP Request Smuggling [CWE-444] vulnerability in the Authentication portal of WatchGuard Fireware OS allows a remote attacker to evade request parameter sanitation and perform a reflected self-Cro...

Vulnerability Description

An HTTP Request Smuggling [CWE-444] vulnerability in the Authentication portal of WatchGuard Fireware OS allows a remote attacker to evade request parameter sanitation and perform a reflected self-Cross-Site Scripting (XSS) attack.This issue affects Fireware OS: from 12.0 through 12.11.2.

Related Weaknesses (CWE)

CWE-444

References

FAQ

What is CVE-2025-6999?

CVE-2025-6999 is a documented vulnerability. An HTTP Request Smuggling [CWE-444] vulnerability in the Authentication portal of WatchGuard Fireware OS allows a remote attacker to evade request parameter sanitation and perform a reflected self-Cro...

How severe is CVE-2025-6999?

CVSS scoring is not yet available for CVE-2025-6999. Check NVD for updates.

Is there a patch for CVE-2025-6999?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.