Every CVE whose affected-product data names Kerlink Keros, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2024-39148 — CVSS 8.1 (high): The service wmp-agent of KerOS prior 5.12 does not properly validate so-called ‘magic URLs’ allowing an unauthenticated remote attacker…
CVE-2024-32384 — CVSS 6.8 (medium): Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of…
CVE-2024-32388 — CVSS 5.3 (medium): Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This…