CVE-2025-34071

Sažetak

A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute arbitrary code through the firmware upgrade feature. The system upgrade mechanism accepts unsigned .img files, which can be modified to include malicious scripts within the upgrade.sh or disk image components. These modified upgrade images are not validated for authenticity or integrity, and are executed by the system post-upload, enabling root access.

Reference

https://ssd-disclosure.com/ssd-advisory-kerio-control-authentication-bypass-and-rce/
https://vulncheck.com/advisories/gfi-kerio-control-auth-bypass-rce

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

02-07-2025 - 14:15

Objavljeno

02-07-2025 - 14:15