CVE-2025-34071

Critical CVSS: 9.4

A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute arbitrary code through the firmware upgrade feature. The system upgrade mechanism accepts unsigned .img files, which can be modified to include malicious scripts within the upgrade.sh or disk image components. These modified upgrade images are not validated for authenticity or integrity, and are executed by the system post-upload, enabling root access.

Vendor

Gfi

Product

Kerio Control

CWE

CWE-306

Yayın Tarihi

2025-07-02 14:15:24

Güncelleme

2025-09-17 13:41:43

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-306 Kerio Control CRITICAL Gfi 2025

Referanslar

https://ssd-disclosure.com/ssd-advisory-kerio-control-authentication-bypass-and-rce/ https://vulncheck.com/advisories/gfi-kerio-control-auth-bypass-rce

Benzer Kayıtlar

High

CVE-2026-2036

GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows…

High

CVE-2026-2037

GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows…

Critical

CVE-2026-2038

GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote attac…

Critical

CVE-2026-2039

GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability. This vulnerability allows remote atta…

Medium

CVE-2026-23621

GFI MailEssentials AI versions prior to 22.4 contain an arbitrary directory existence enumeration vulnerability in the L…

Medium

CVE-2026-23616

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Anti-Spoofing co…