Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-52875

An issue was discovered in GFI Kerio Control 9.2.5 through 9.4.5. The dest GET parameter passed to the /nonauth/addCertException.cs and /nonauth/guestConfirm.cs and /nonauth/expiration.cs pages is not properly sanitized before being used to generate a Location HTTP header in a 302 HTTP response. This can be exploited to perform Open Redirect or HTTP Response Splitting attacks, which in turn lead to Reflected Cross-Site Scripting (XSS). Remote command execution can be achieved by leveraging the upgrade feature in the admin interface.

Published

2025-01-31T08:15:07.827

Last Modified

2025-09-16T17:29:19.553

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses

Type: Secondary
CWE-113

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	gfi	kerio_control	≤ 9.4.5	Yes

References

https://karmainsecurity.com/hacking-kerio-control-via-cve-2024-52875 Exploit, Third Party Advisory ([email protected])
http://seclists.org/fulldisclosure/2024/Dec/15 Exploit, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)