13 matches found
Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks
A new distributed denial-of-service (DDoS) botnet known as Kimwolf has enlisted a massive army of no less than 1.8 million infected devices comprising Android-based TVs, set-top boxes, and tablets, and may be associated with another botnet known as AISURU, according to findings from QiAnXin XLab...
CVE-2025-34069 GFI Kerio Control GFIAgent Authentication Bypass via Proxy Forwarding
An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthenticated requests to internal services such as GFIAgent,...
CVE-2025-34069
CVE-2025-34069 – GFI Kerio Control 9.4.5 suffers an authentication bypass caused by an insecure default proxy configuration in the GFIAgent service. The non-transparent proxy on TCP 3128 can forward unauthenticated requests to internal services, exposing GFIAgent endpoints and allowing access to ...
CVE-2025-34069 GFI Kerio Control GFIAgent Authentication Bypass via Proxy Forwarding
An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthenticated requests to internal services such as GFIAgent,...
OpenSSH (OpenBSD Secure Shell) security vulnerability
OpenSSH (OpenBSD Secure Shell) is a set of connection tools for secure access to remote computers from the Canadian OpenBSD Project Group. The tools are an open source implementation of the SSH protocol and support encryption of all transmissions, effectively blocking eavesdropping, connection...
haproxy: Proxy forwards malformed empty Content-Length headers
A flaw was found in HAProxy. Empty Content-Length headers are forwarded, which could cause an HTTP/1 server behind it to interpret the payload as an extra request. This may render the HTTP/1 server vulnerable to attacks in some uncommon cases...
CVE-2022-2880
Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the quer...
OpenSSH authorization issue vulnerability
OpenSSH (OpenBSD Secure Shell) is a set of connection tools for secure access to remote computers from the Canadian OpenBSD Project Group. The tools are an open source implementation of the SSH protocol that supports encryption of all transmissions, effectively blocking eavesdropping, connection...
CLSA-2021-1635458969 Fix CVE(s): CVE-2021-40438, CVE-2021-34798, CVE-2021-39275
SECURITY UPDATE: Buffer overflow with crafted input - debian/patches/CVE-2021-39275.patch: ap_escape_quotes may write beyond the end of a buffer when given malicious input - CVE-2021-39275 SECURITY UPDATE: Malformed requests may cause the server to dereference a NULL pointer -...
ALPINE-CVE-2021-40438
A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...
DEBIAN-CVE-2021-40438
A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...
UBUNTU-CVE-2021-40438
A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...
OpenSSH 'roaming_read' and 'roaming_write' function denial of service vulnerability
OpenSSH is a set of connection tools maintained by the OpenBSD Project Group for secure access to remote computers. The 'roaming_read' and 'roaming_write' functions in the roaming_common.c file in OpenSSH's client, with specific proxy and forwarding options enabled, fail to properly...