{"id":24502,"date":"2025-11-03T11:50:18","date_gmt":"2025-11-03T11:50:18","guid":{"rendered":"http:\/\/localhost\/?p=24502"},"modified":"2025-11-03T11:50:18","modified_gmt":"2025-11-03T11:50:18","slug":"watchguard-firebox-default-credentials-ssh-access","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=24502","title":{"rendered":"\ud83d\udcc4 WatchGuard Firebox Default Credentials \/ SSH Access_PACKETSTORM:211136"},"content":{"rendered":"

{“lastseen”:”2025-11-03T16:52:09″,”description”:”The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative…”,”published”:”2025-11-03T00:00:00″,”modified”:”2025-11-03T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 WatchGuard Firebox Default Credentials \/ SSH Access”,”source”:””,”references”:””,”id”:”PACKETSTORM:211136″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-59396″],”sourceData”:”CVE-2025-59396 \u2013 WatchGuard Firebox Default Configuration Allows Unauthorized SSH Access via Port 4118\\n Description\\n The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative access via SSH on port 4118 using the default credentials (admin:readwrite). This configuration exposes the device to remote attackers who can gain full administrative access without prior authentication.\\n Impact\\n An unauthenticated attacker can:\\n \\n Retrieve sensitive information such as ARP tables, network configurations, user accounts, feature keys, and device location data.\\n Modify or disable firewall rules and security policies.\\n Perform lateral movement within the internal network.\\n Exfiltrate data or disrupt services.\\n \\n This results in a complete compromise of the Firebox appliance and the network it protects.\\n Vulnerability Type\\n \\n Misconfiguration \/ Insecure Defaults\\n Authentication Bypass via Default Credentials\\n \\n Attack Vector\\n Remote access via SSH on port 4118 using:\\n \\n Username: admin\\n Password: readwrite\\n \\n Tools like PuTTY or any SSH client can be used to exploit this vulnerability.\\n Affected Product\\n \\n Vendor: WatchGuard\\n Product: Firebox series (specific models and firmware versions TBD)\\n Component: SSH Service (Port 4118)\\n Status: Exposed by default\\n \\n Discoverers\\n \\n Chanakya Neelarapu\\n Mark Gibson\\n \\n CVE ID\\n \\n CVE-2025-59396\\n \\n Impacts\\n \\n \u2705 Remote Code Execution\\n \u2705 Privilege Escalation\\n \u2705 Information Disclosure\\n \u2705 Network Exposure and Lateral Movement\\n \\n Reference\\n \\n https:\/\/www.watchguard.com\/wgrd-products\/firewalls”,”sourceHref”:”https:\/\/packetstorm.news\/download\/211136″,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/211136\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2025-11-03T16:52:09″,”description”:”The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative…”,”published”:”2025-11-03T00:00:00″,”modified”:”2025-11-03T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 WatchGuard Firebox Default Credentials \/ SSH Access”,”source”:””,”references”:””,”id”:”PACKETSTORM:211136″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-59396″],”sourceData”:”CVE-2025-59396 \u2013 WatchGuard Firebox Default Configuration Allows Unauthorized…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,12,13,33,53,7,11,5],"class_list":["post-24502","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n\ud83d\udcc4 WatchGuard Firebox Default Credentials \/ SSH Access_PACKETSTORM:211136 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=24502\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 WatchGuard Firebox Default Credentials \/ SSH Access_PACKETSTORM:211136 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2025-11-03T16:52:09″,”description”:”The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative…”,”published”:”2025-11-03T00:00:00″,”modified”:”2025-11-03T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 WatchGuard Firebox Default Credentials \/ SSH Access”,”source”:””,”references”:””,”id”:”PACKETSTORM:211136″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-59396″],”sourceData”:”CVE-2025-59396 \u2013 WatchGuard Firebox Default Configuration Allows Unauthorized...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=24502\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-03T11:50:18+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=24502#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=24502\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 WatchGuard Firebox Default Credentials \\\/ SSH Access_PACKETSTORM:211136\",\"datePublished\":\"2025-11-03T11:50:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=24502\"},\"wordCount\":365,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"exploit\",\"news\",\"NONE\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=24502#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=24502\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=24502\",\"name\":\"\ud83d\udcc4 WatchGuard Firebox Default Credentials \\\/ SSH Access_PACKETSTORM:211136 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-11-03T11:50:18+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=24502#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=24502\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=24502#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 WatchGuard Firebox Default Credentials \\\/ SSH Access_PACKETSTORM:211136\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 WatchGuard Firebox Default Credentials \/ SSH Access_PACKETSTORM:211136 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=24502","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 WatchGuard Firebox Default Credentials \/ SSH Access_PACKETSTORM:211136 - zero redgem","og_description":"{“lastseen”:”2025-11-03T16:52:09″,”description”:”The default configuration of WatchGuard Firebox devices through 2025-09-10 allows administrative…”,”published”:”2025-11-03T00:00:00″,”modified”:”2025-11-03T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 WatchGuard Firebox Default Credentials \/ SSH Access”,”source”:””,”references”:””,”id”:”PACKETSTORM:211136″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-59396″],”sourceData”:”CVE-2025-59396 \u2013 WatchGuard Firebox Default Configuration Allows Unauthorized...","og_url":"https:\/\/zero.redgem.net\/?p=24502","og_site_name":"zero redgem","article_published_time":"2025-11-03T11:50:18+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=24502#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=24502"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 WatchGuard Firebox Default Credentials \/ SSH Access_PACKETSTORM:211136","datePublished":"2025-11-03T11:50:18+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=24502"},"wordCount":365,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","exploit","news","NONE","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=24502#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=24502","url":"https:\/\/zero.redgem.net\/?p=24502","name":"\ud83d\udcc4 WatchGuard Firebox Default Credentials \/ SSH Access_PACKETSTORM:211136 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-11-03T11:50:18+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=24502#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=24502"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=24502#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 WatchGuard Firebox Default Credentials \/ SSH Access_PACKETSTORM:211136"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/24502","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=24502"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/24502\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=24502"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=24502"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=24502"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}