Security News > 2025 > January > Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens
2025-01-08 18:55
Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. [...]
News URL
Related news
- Hackers exploit DoS flaw to disable Palo Alto Networks firewalls (source)
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- Hackers exploit Four-Faith router flaw to open reverse shells (source)
- Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
- Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025 (source)
- Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits (source)
- Hackers exploit critical unpatched flaw in Zyxel CPE devices (source)
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-31 | CVE-2024-52875 | An issue was discovered in GFI Kerio Control 9.2.5 through 9.4.5. | 0.0 |