CVE-2025-4804 – WatchGuard Fireware OS Stored Cross-site Scripting Vulnerability

May 16, 2025

CVE ID : CVE-2025-4804

Published : May 16, 2025, 9:15 p.m. | 3 hours, 29 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in WatchGuard Fireware OS allows Stored XSS via the spamBlocker module. This vulnerability requires an authenticated administrator session to a locally managed Firebox.
This issue affects Fireware OS: from 12.0 through 12.11.1.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4805 – WatchGuard Fireware OS Stored XSS Vulnerability

Next Article CVE-2025-48188 – GNU PSPP libpspp-core.a Heap-Based Buffer Over-Read

Highlights

CVE-2025-4903 – D-Link DI-7003GV2 Authentication Bypass Vulnerability

May 19, 2025

CVE ID : CVE-2025-4903

Published : May 19, 2025, 1:15 a.m. | 1 hour, 32 minutes ago

Description : A vulnerability, which was classified as critical, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). This affects the function sub_41F4F0 of the file /H5/webgl.asp?tggl_port=0&remote_management=0&http_passwd=game&exec_service=admin-restart. The manipulation leads to unverified password change. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Psychology Of Color In UX Design And Digital Products

This week in AI dev tools: Claude Sonnet 4’s larger context window, ChatGPT updates, and more (August 15, 2025)

Sentry launches MCP monitoring tool

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

14 secret phone codes that unlock hidden features on your Android and iPhone

Stop using AI for these 9 work tasks – here’s why

A smart sensor assessed my home’s risk of electrical fires, and I was impressed

I brought Samsung’s rugged Galaxy tablet on a hiking trip, and it weathered everything

AI’s Hidden Thirst: The Water Behind Tech

AI’s Hidden Thirst: The Water Behind Tech

Minesweeper game in 100 lines of pure JavaScript – easy tutorial

Maintaining Data Consistency with Laravel Database Transactions

5 Best VPN for Lenovo Laptops to Enjoy the Web Safely

5 Best VPN for Lenovo Laptops to Enjoy the Web Safely

3 Best Antivirus and Malware Protection Software

11 Best Antivirus Without Ads

CVE-2025-4804 – WatchGuard Fireware OS Stored Cross-site Scripting Vulnerability

Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware

ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

KDE Update Turns Off Potentially Seizure Triggering Effect

Spring Boot + Swagger: A Complete Guide to API Documentation

Digitale videorecorders TBK aangevallen door Mirai-botnet

CVE-2025-5712 – SourceCodester Open Source Clinic Management System SQL Injection

CVE-2025-4903 – D-Link DI-7003GV2 Authentication Bypass Vulnerability

CVE-2024-52279 – Apache Zeppelin JDBC URL Validation Bypass

What AI pioneer Yoshua Bengio is doing next to make AI safer

Marvel Rivals Season 2 is introducing Emma Frost’s thighs, the Hellfire Gala, and Ultron

CVE-2025-4804 – WatchGuard Fireware OS Stored Cross-site Scripting Vulnerability

Related Posts