36 matches found
CVE-2019-16414
A DOM based XSS in GFI Kerio Control v9.3.0 allows embedding of malicious code and manipulating the login page to send back a victim's cleartext credentials to an attacker via a login/?reason=failure= URI...
EUVD-2019-7156
Malware in sbrugna...
EUVD-2025-19721
Malicious code in bioql PyPI...
EUVD-2025-19720
Malicious code in bioql PyPI...
EUVD-2025-19722
Malicious code in bioql PyPI...
CVE-2025-34069
An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthenticated requests to internal services such as GFIAgent,...
CVE-2025-34071
A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute arbitrary code through the firmware upgrade feature. The system upgrade mechanism accepts unsigned .img files, which can be modified to include malicious scripts with...
CVE-2025-34070
A missing authentication vulnerability in the GFIAgent component of GFI Kerio Control 9.4.5 allows unauthenticated remote attackers to perform privileged operations. The GFIAgent service, responsible for integration with GFI AppManager, exposes HTTP services on ports 7995 and 7996 without proper...
CVE-2025-34069
An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthenticated requests to internal services such as GFIAgent,...
CVE-2025-34070
A missing authentication vulnerability in the GFIAgent component of GFI Kerio Control 9.4.5 allows unauthenticated remote attackers to perform privileged operations. The GFIAgent service, responsible for integration with GFI AppManager, exposes HTTP services on ports 7995 and 7996 without proper...
CVE-2025-34071
A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute arbitrary code through the firmware upgrade feature. The system upgrade mechanism accepts unsigned .img files, which can be modified to include malicious scripts with...
CVE-2025-34071 GFI Kerio Control Unsigned System Image Upload Root Code Execution
A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute arbitrary code through the firmware upgrade feature. The system upgrade mechanism accepts unsigned .img files, which can be modified to include malicious scripts with...
CVE-2025-34071
CVE-2025-34071 affects GFI Kerio Control 9.4.5 where the firmware upgrade feature can be abused to achieve remote code execution. The root cause is an upgrade mechanism that accepts unsigned .img files and does not validate authenticity or integrity, allowing modified upgrades (including scripts ...
CVE-2025-34071 GFI Kerio Control Unsigned System Image Upload Root Code Execution
A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute arbitrary code through the firmware upgrade feature. The system upgrade mechanism accepts unsigned .img files, which can be modified to include malicious scripts with...
CVE-2025-34070 GFI Kerio Control GFIAgent Missing Authentication on Administrative Interfaces
A missing authentication vulnerability in the GFIAgent component of GFI Kerio Control 9.4.5 allows unauthenticated remote attackers to perform privileged operations. The GFIAgent service, responsible for integration with GFI AppManager, exposes HTTP services on ports 7995 and 7996 without proper...
CVE-2025-34070
GFI Kerio Control 9.4.5 is affected by a missing authentication vulnerability in the GFIAgent component. The GFIAgent service exposes HTTP interfaces on ports 7995 and 7996; the /proxy handler on 7996 can forward requests to administrative endpoints when supplied with an Appliance UUID, which is ...
CVE-2025-34070 GFI Kerio Control GFIAgent Missing Authentication on Administrative Interfaces
A missing authentication vulnerability in the GFIAgent component of GFI Kerio Control 9.4.5 allows unauthenticated remote attackers to perform privileged operations. The GFIAgent service, responsible for integration with GFI AppManager, exposes HTTP services on ports 7995 and 7996 without proper...
CVE-2025-34069 GFI Kerio Control GFIAgent Authentication Bypass via Proxy Forwarding
An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthenticated requests to internal services such as GFIAgent,...
CVE-2025-34069 GFI Kerio Control GFIAgent Authentication Bypass via Proxy Forwarding
An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthenticated requests to internal services such as GFIAgent,...
CVE-2025-34069
CVE-2025-34069 – GFI Kerio Control 9.4.5 suffers an authentication bypass caused by an insecure default proxy configuration in the GFIAgent service. The non-transparent proxy on TCP 3128 can forward unauthenticated requests to internal services, exposing GFIAgent endpoints and allowing access to ...