2 matches found
CVE-2024-32384
Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device...
CVE-2024-32384
Kerlink KerOS gateways before version 5.10 expose the web interface only over HTTP, with no HTTPS support. This transport security gap enables a man‑in‑the‑middle attacker to intercept/modify traffic between clients and devices. Affected product: Kerlink gateways running KerOS pre‑5.10. Root caus...