Kerio WinRoute Firewall Web Server Remote Source Code Disclosure Vulnerability Network Vulnerability

Summary

Kerio WinRoute Firewall is prone to a remote source-code- disclosure vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit this vulnerability to view the source code of files in the context of the server process this may aid in further attacks. Versions prior to Kerio WinRoute Firewall 6.0.0 are vulnerable.

Solution

Updates are available. Please see the references for more details.

References

http://www.kerio.com
http://www.securityfocus.com/bid/53460

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Andy's PHP Knowledgebase 's' Parameter SQL Injection Vulnerability
AWStats configdir parameter arbitrary cmd exec
Athena Web Registration remote command execution flaw
Apple Safari RSS Feed Information Disclosure Vulnerability
AlienVault OSSIM Multiple Remote Code Execution Vulnerabilities

Take action and discover your vulnerabilities