Kerio WinRoute Firewall Web Server Remote Source Code Disclosure Vulnerability Network Vulnerability

Summary

Kerio WinRoute Firewall is prone to a remote source-code- disclosure vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit this vulnerability to view the source code of files in the context of the server process this may aid in further attacks. Versions prior to Kerio WinRoute Firewall 6.0.0 are vulnerable.

Solution

Updates are available. Please see the references for more details.

References

http://www.kerio.com
http://www.securityfocus.com/bid/53460

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability
AIOCP 'cp_html2xhtmlbasic.php' Remote File Inclusion Vulnerability
Atutor AContent Multiple SQL Injection and XSS Vulnerabilities
AdaptBB Multiple Input Validation Vulnerabilities
ActualAnalyzer Lite 'ant' Cookie Parameter Remote Command Execution Vulnerability

Take action and discover your vulnerabilities