Kerlink

Keros

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2024-32388

  • EPSS 0.04%
  • Veröffentlicht 01.12.2025 00:00:00
  • Zuletzt bearbeitet 23.12.2025 13:57:35

Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This allows an attacker to bypass the firewall and access UDP-based services that would otherwise be protected.

7.4

CVE-2024-32384

  • EPSS 0.02%
  • Veröffentlicht 01.12.2025 00:00:00
  • Zuletzt bearbeitet 23.12.2025 15:50:52

Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client...

8.1

CVE-2024-39148

  • EPSS 0.17%
  • Veröffentlicht 01.12.2025 00:00:00
  • Zuletzt bearbeitet 23.12.2025 13:55:52

The service wmp-agent of KerOS prior 5.12 does not properly validate so-called ‘magic URLs’ allowing an unauthenticated remote attacker to execute arbitrary OS commands as root when the service is reachable over network. Typically, the service is pro...