Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Kerio Winroute Firewall before 6.0.7, ServerFirewall before 1.0.1, and MailServer before 6.0.5 use symmetric encryption for user passwords, which allows attackers to decrypt the user database and obtain the passwords by extracting the secret key from within the software.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kerio 多个产品 弱加密漏洞
Vulnerability Description
Kerio公司是一家互联网安全软件公司,主要产品包括防火墙及邮件系统。 Kerio的多个软件(Winroute Firewall 6.0.7之前版本、ServerFirewall 1.0.1之前版本、MailServer 6.0.5之前版本)存在弱加密漏洞。 由于上述版本中对用户密码使用对称加密,这使得攻击者可从软件中提取密钥,从而对用户数据库解密并获得密码。
CVSS Information
N/A
Vulnerability Type
N/A