Security News > 2025 > January > Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens

Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens

2025-01-08 18:55

Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. [...]

News URL

https://www.bleepingcomputer.com/news/security/hackers-exploit-keriocontrol-firewall-flaw-to-steal-admin-csrf-tokens/

#csrf #exploit #firewall #hacker #token #CVE-2024-52875

Related news

Hackers exploit DoS flaw to disable Palo Alto Networks firewalls (source)
Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)
1000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole (source)
Hackers exploit critical bug in Array Networks SSL VPN products (source)
APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign (source)
Hackers exploit ProjectSend flaw to backdoor exposed servers (source)
Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities (source)
Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor (source)
U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.