The flaw allows one-click RCE
The Kerio Control vulnerability, combined with an older vulnerability, can be escalated into a one-click RCE attack that grants root access to the firewall system. The flaw has persisted for almost seven years, affecting versions 9.2.5 (released in 2018) through 9.4.5.
According to Romano's PoC, the exploit would involve injecting Base64-encoded payloads to manipulate HTTP responses and introduce arbitrary headers or malicious content. This potentially enables an HTTP response splitting attack which, in turn, can lead to a reflected XSS attack and remote code execution.
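The mechanism described above is a classic CRLF injection: a value that an application decodes and copies into a response header can carry carriage-return/line-feed sequences that terminate the header and let the sender append further headers or a body. The following is an added, generic illustration written for this article, not Romano's PoC and not Kerio Control code. It assumes a hypothetical redirect endpoint that takes a Base64-encoded destination parameter; the sample inputs are constructed. It shows the vulnerable header-building pattern beside a hardened version, plus a check that a WAF or log-review script could apply to request parameters (decoding Base64 before looking for control characters, since a raw grep for CR/LF misses encoded payloads).

```python
import base64
import binascii
import re

# Constructed sample request parameter values (hypothetical, not from the article).
SAMPLE_PARAMS = {
    "benign": base64.b64encode(b"/dashboard").decode(),
    "crlf": base64.b64encode(b"/dashboard\r\nSet-Cookie: a=1\r\n\r\n<html>").decode(),
    "raw_crlf": "/dashboard\r\nX-Injected: 1",
    "not_b64": "%%%not-base64%%%",
}

# Bytes that must never appear inside a header value: CR, LF, NUL.
CTL_RE = re.compile(r"[\r\n\x00]")


def try_b64decode(value: str):
    """Return decoded bytes if value is strictly valid Base64, else None."""
    try:
        return base64.b64decode(value, validate=True)
    except (binascii.Error, ValueError):
        return None


def contains_header_injection(value: str) -> bool:
    """True if the raw value, or its Base64 decoding, carries CR/LF/NUL."""
    if CTL_RE.search(value):
        return True
    decoded = try_b64decode(value)
    if decoded is None:
        return False
    return bool(CTL_RE.search(decoded.decode("latin-1")))


def scan_params(params: dict) -> list:
    """Names of parameters that look like header-injection attempts."""
    return [name for name, value in params.items() if contains_header_injection(value)]


def build_redirect_vulnerable(dest_b64: str) -> bytes:
    """Vulnerable pattern: the decoded value goes straight into a header line."""
    dest = base64.b64decode(dest_b64).decode("latin-1")
    return b"HTTP/1.1 302 Found\r\nLocation: " + dest.encode("latin-1") + b"\r\n\r\n"


def build_redirect_hardened(dest_b64: str) -> bytes:
    """Hardened pattern: strict decode, reject control characters and off-site paths."""
    decoded = try_b64decode(dest_b64)
    if decoded is None:
        raise ValueError("parameter is not valid Base64")
    dest = decoded.decode("latin-1")
    if CTL_RE.search(dest) or not dest.startswith("/") or dest.startswith("//"):
        raise ValueError("rejected: control characters or non-local redirect target")
    return b"HTTP/1.1 302 Found\r\nLocation: " + dest.encode("latin-1") + b"\r\n\r\n"


def hardened_rejects(dest_b64: str) -> bool:
    """True if the hardened builder refuses the value."""
    try:
        build_redirect_hardened(dest_b64)
    except ValueError:
        return True
    return False


def count_headers(response: bytes) -> int:
    """Number of header lines before the first blank line (status line excluded)."""
    head = response.split(b"\r\n\r\n", 1)[0]
    return len(head.split(b"\r\n")) - 1


if __name__ == "__main__":
    print("flagged parameters:", scan_params(SAMPLE_PARAMS))
    print("vulnerable builder header count for crlf sample:",
          count_headers(build_redirect_vulnerable(SAMPLE_PARAMS["crlf"])))
    print("hardened builder rejects crlf sample:", hardened_rejects(SAMPLE_PARAMS["crlf"]))
```

Run against the constructed samples, the vulnerable builder emits two header lines for the `crlf` value (the second one smuggled in by the payload), while the hardened builder refuses it and only passes the benign local path. The `scan_params` check is the piece a defender would adapt for request-log review, since it flags encoded as well as raw CR/LF.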
The flaw was fixed in versions 9.4.5 Patch 1 (released on December 19) and 9.4.5 Patch 2 (released on January 31), which also brought additional security enhancements. GFI Software advised admins to apply these patches promptly to protect against these attacks. GFI KerioControl is a popular network security choice for a wide range of organizations, including McDonald's and Luxury Motor Yacht Lotus, with hundreds of thousands of actively deployed instances globally.