漏洞类别:CGI
漏洞等级: 
漏洞信息
Kerio Control (previously Kerio WinRoute Firewall) is a Unified Threat Management (UTM) system that protects your network from viruses, malware and malicious activity. Kerio Control brings together next-generation firewall capabilities -- including a network firewall and router, intrusion detection and prevention (IPS), gateway anti-virus, VPN, and web content and application filtering.
Kerio Control is prone to multiple vulnerabilities including Remote Code Execution, Heap Spraying, CSRF Protection Bypass, Information Disclosure and Cross-Site Scripting.
Affected Versions:
Kerio Control Unified Threat Management version 9.1.0 build 1087, older versions may also be affected
Kerio Control Unified Threat Management version 9.1.1 build 1324, older versions may also be affected
漏洞危害
By combining these vulnerabilities an attacker can fully compromise a network which uses the Kerio Control appliance for protection.
解决方案
Kerio addressed these issues in Kerio Control version 9.1.3. Download the latest version from Kerio Support.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论