CNNVD-202507-141 Information

CNNVD ID

CNNVD-202507-141

Related CVE

CVE-2025-34071

• CNNVD Published: 2025-07-02

Description (Chinese)

GFI Kerio Control是马耳他GFI公司的一套统一威胁管理（UTM）解决方案。该产品包括病毒防护、Web内容过滤和应用程序过滤等功能。 GFI Kerio Control 9.4.5版本存在安全漏洞，该漏洞源于升级机制不安全，可能导致远程代码执行。

Description (English)

GFI Kerio Control is a unified threat management (UTM) solution for GFI Malta. The product includes viral protection, Web content filtering and application filtering. There is a security loophole in version 9.4.5 of the GFI Kerio Control, which stems from the insecurity of the upgrading mechanism, which may lead to remote code implementation.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

GFI

Published

2025-07-02

Last Modified

2026-02-24

References

https://ssd-disclosure.com/ssd-advisory-kerio-control-authentication-bypass-and-rce/ https://vulncheck.com/advisories/gfi-kerio-control-auth-bypass-rce