CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Gfi: >> Kerio Connect >> 9.4.1 Security Vulnerabilities

CVE-2023-25267

An issue was discovered in GFI Kerio Connect 9.4.1 patch 1 (fixed in 10.0.0). There is a stack-based Buffer Overflow in the webmail component's 2FASetup function via an authenticated request with a long primaryEMailAddress field to the webmail/api/jsonrpc URI.

CVSS Score

8.8

EPSS Score

0.001

Published

2023-03-15

Page 1

Vulnerabilities

Vulnerable Software

Gfi: >> Kerio Connect >> 9.4.1 Security Vulnerabilities

Products

Pricing

Contact Us