Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-52875 PoC — GFI Kerio Control 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-52875.yaml
Associated Vulnerability
Title:GFI Kerio Control 安全漏洞 (CVE-2024-52875)
Description:GFI Kerio Control是马耳他GFI公司的一套统一威胁管理(UTM)解决方案。该产品包括病毒防护、Web内容过滤和应用程序过滤等功能。 GFI Kerio Control存在安全漏洞,该漏洞源于部分页面的Dest 参数在用于生成302响应中的HTTP标头之前没有被正确清理。
Description
Kerio Control, formerly known as Kerio WinRoute Firewall, has been found vulnerable to multiple HTTP Response Splitting vulnerabilities in product affecting versions 9.2.5
File Snapshot

 id: CVE-2024-52875

info:
  name: Kerio Control v9.2.5 - CRLF Injection
  author: ritikchaddha,iamno

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.