Lucene search
K

5 matches found

Nuclei
Nuclei
added yesterday147 views

Kerio Control v9.2.5 - CRLF Injection

Kerio Control, formerly known as Kerio WinRoute Firewall, has been found vulnerable to multiple HTTP Response Splitting vulnerabilities in product affecting versions 9.2.5 id: CVE-2024-52875 info: name: Kerio Control v9.2.5 - CRLF Injection author: ritikchaddha,iamnoooob,rootxharsh,pdresearch...

8.8CVSS7AI score0.29116EPSS
Exploits1References2
NVD
NVD
added 2025/01/31 8:15 a.m.23 views

CVE-2024-52875

An issue was discovered in GFI Kerio Control 9.2.5 through 9.4.5. The dest GET parameter passed to the /nonauth/addCertException.cs and /nonauth/guestConfirm.cs and /nonauth/expiration.cs pages is not properly sanitized before being used to generate a Location HTTP header in a 302 HTTP response...

8.8CVSS0.29116EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/01/31 12:0 a.m.33 views

CVE-2024-52875

An issue was discovered in GFI Kerio Control 9.2.5 through 9.4.5. The dest GET parameter passed to the /nonauth/addCertException.cs and /nonauth/guestConfirm.cs and /nonauth/expiration.cs pages is not properly sanitized before being used to generate a Location HTTP header in a 302 HTTP response...

8.8CVSS0.29116EPSS
Exploits1References1
CVE
CVE
added 2025/01/31 12:0 a.m.145 views

CVE-2024-52875

Kerio Control (GFI) versions 9.2.5–9.4.5 are affected by a CRLF/HTTP response splitting vulnerability that abuses the dest parameter in GET requests to generate a Location header in a 302 response, enabling Open Redirect and HTTP Response Splitting, which can lead to reflected XSS. The issue affe...

8.8CVSS6.8AI score0.29116EPSS
In wildExploits1References2Affected Software1
Circl
Circl
added 2024/12/17 2:10 p.m.71 views

CVE-2024-52875

creationtimestamp| type| source ---|---|--- 2024-12-17 14:10:59+00:00| published-proof-of-concept| https://t.me/thebugbountyhunter/9452 2024-12-21 18:13:24+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/11586 2025-01-01 18:03:16+00:00| seen|...

8.8CVSS7.6AI score0.29116EPSS
In wildExploits1References48
Rows per page
Query Builder