CVE-2025-34069
BaseFortify
Publication date: 2025-07-02
Last updated on: 2025-09-17
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gfi | kerio_control | 9.4.5 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an authentication bypass in GFI Kerio Control 9.4.5 caused by insecure default proxy settings and weak access control in the GFIAgent service. The proxy on TCP port 3128 allows unauthenticated requests to be forwarded to internal services like GFIAgent, bypassing firewall protections. Attackers can access GFIAgent on ports 7995 and 7996 without authentication, retrieve the appliance UUID, and perform administrative actions through the proxy, resulting in full administrative control of the device.
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to an attacker gaining full administrative access to the Kerio Control appliance. This means unauthorized users can control the device, potentially altering configurations, accessing sensitive internal services, and compromising the security and integrity of the network protected by the appliance.