CVE-2024-52875 | GFI Kerio Control up to 9.2.5 GET Parameter response splitting (KIS-2024-07)

Posted by Angelo Barbosa | Dec 17, 2024 | CVE

A vulnerability was found in GFI Kerio Control up to 9.2.5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component GET Parameter Handler. The manipulation leads to http response splitting.

This vulnerability is known as CVE-2024-52875. The attack can be launched remotely. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-52875 | GFI Kerio Control up to 9.2.5 GET Parameter response splitting (KIS-2024-07)

Related Posts

CVE-2024-40895 | FFRI AMC up to 3.5.3 cross site scripting

CVE-2024-30203 | GNU Emacs up to 29.2 Inline MIME Remote Code Execution

CVE-2024-29269 | Telesquare TLR-2005Ksh 1.0.0/1.1.4 Cmd command injection

CVE-2023-23438 | Honor LGE-AN00 prior 6.0.0.188 unknown vulnerability