Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection [email protected] (The Hacker News)

Threat actors are attempting to take advantage of a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve remote code execution (RCE).
The vulnerability in question, CVE-2024-52875, refers to a carriage return line feed (CRLF) injection attack, paving the way for HTTP response splitting, which could thenRead More 


Posted

in

by

Tags: