Every CVE whose affected-product data names Gfi Kerio Control, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2025-34069 — CVSS 9.8 (critical): An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access…
CVE-2025-34070 — CVSS 9.8 (critical): A missing authentication vulnerability in the GFIAgent component of GFI Kerio Control 9.4.5 allows unauthenticated remote attackers to…
CVE-2025-34071 — CVSS 9.8 (critical): A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with administrative access to upload and execute…
CVE-2024-52875 — CVSS 8.8 (high): An issue was discovered in GFI Kerio Control 9.2.5 through 9.4.5. The dest GET parameter passed to the /nonauth/addCertException.cs and…
CVE-2019-16414 — CVSS 6.1 (medium): A DOM based XSS in GFI Kerio Control v9.3.0 allows embedding of malicious code and manipulating the login page to send back a victim's…