34 matches found
Kerio Control v9.2.5 - CRLF Injection
Kerio Control, formerly known as Kerio WinRoute Firewall, has been found vulnerable to multiple HTTP Response Splitting vulnerabilities in product affecting versions 9.2.5 id: CVE-2024-52875 info: name: Kerio Control v9.2.5 - CRLF Injection author: ritikchaddha,iamnoooob,rootxharsh,pdresearch...
EUVD-2014-3794
Malware in sbrugna...
CVE-2025-34070
A missing authentication vulnerability in the GFIAgent component of GFI Kerio Control 9.4.5 allows unauthenticated remote attackers to perform privileged operations. The GFIAgent service, responsible for integration with GFI AppManager, exposes HTTP services on ports 7995 and 7996 without proper...
CVE-2025-34071
A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute arbitrary code through the firmware upgrade feature. The system upgrade mechanism accepts unsigned .img files, which can be modified to include malicious scripts with...
Kerio Control Detection Consolidation
Consolidation of Kerio Control detections. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only include("plugin_feed_info.inc"); if(description)...
VulnCheck KEV: CVE-2024-52875
Several vulnerabilities are present in GFI KerioControl due to improper sanitization of the 'dest' GET parameter used to generate a 'Location' HTTP header. The affected endpoints include /nonauth/addCertException.cs, /nonauth/guestConfirm.cs, and /nonauth/expiration.cs. Exploitation could allow...
CVE-2019-16414
A DOM based XSS in GFI Kerio Control v9.3.0 allows embedding of malicious code and manipulating the login page to send back a victim's cleartext credentials to an attacker via a login/?reason=failure&NTLM= URI...
Kerio Control Detection (HTTP)
HTTP based detection of the Kerio Control. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Kerio Control < 9.1.3 Multiple Vulnerabilities - Active Check
Kerio Control is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:kerio:control"; if(description)...
Kerio Control firewall has a number of serious vulnerabilities - vulnerability warning - the black bar safety net
According to the latest foreign media reports, security researchers have found a series of serious security vulnerabilities in the Kerio Control firewall. Because of these vulnerabilities, an external attacker will be able, by tricking employees into clicking a malicious link, t...
Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabiliti
Exploit for php platform in category web applications Video: https://www.youtube.com/watch?v=yOWz25sHMI SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Potential backdoor access through multiple vulnerabilities product...
Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabilities
Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabilities SEC Consult has also released a blog post describing the attack scenarios of the vulnerabilities within this advisory in detail and a video which shows the remote attack. Exploit code has been...
Kerio Control Unified Threat Management 9.1.0 build 1087/9.1.1 build 1324 - Multiple Vulnerabilities
SEC Consult has also released a blog post describing the attack scenarios of the vulnerabilities within this advisory in detail and a video which shows the remote attack. Exploit code has been developed as well but will not be released for now. Blog:...
Kerio Control Unified Threat Management Code Execution / XSS / Memory Corruption
SEC Consult has also released a blog post describing the attack scenarios of the vulnerabilities within this advisory in detail and a video which shows the remote attack. Exploit code has been developed as well but will not be released for now. Blog:...
Kerio Control 8.6.1 - Multiple Vulnerabilities
IntelliSec Security Advisory ============================================================================================== Title: Multiple Vulnerabilities in Kerio Control Virtual Appliance Vulnerabilities: SQL Injection, Remote Code Execution through CSRF Product: Kerio Control Homepage:...
Kerio Control 8.6.1 - Multiple Vulnerabilities
Exploit for php platform in category web applications Title: Multiple Vulnerabilities in Kerio Control Virtual Appliance Vulnerabilities: SQL Injection, Remote Code Execution through CSRF Product: Kerio Control Homepage: http://www.kerio.com Affected Version: = 8.6.1 Fixed Version: 8.6.2 partiall...
Kerio Control 8.6.1 - Multiple Vulnerabilities
Kerio Control 8.6.1 - Multiple Vulnerabilities IntelliSec Security Advisory ============================================================================================== Title: Multiple Vulnerabilities in Kerio Control Virtual Appliance Vulnerabilities: SQL Injection, Remote Code Execution throu...
Kerio Control 8.6.1 SQL Injection / Code Execution / CSRF
IntelliSec Security Advisory ============================================================================================== Title: Multiple Vulnerabilities in Kerio Control Virtual Appliance Vulnerabilities: SQL Injection, Remote Code Execution through CSRF Product: Kerio Control Homepage:...
Kerio Control SQL injection
SQL injection in Web interface...
Kerio Control <= 8.3.1 Boolean-based blind SQL Injection
Document Title: ====================== Kerio Control <= 8.3.1 Boolean-based blind SQL Injection Primary Informations: ====================== Product Name: Kerio Control Software Description: Kerio Control brings together multiple capabilities including a network firewall and router, intrusion...