Kerio Winroute Firewall before 6.0.9, ServerFirewall...
Low severity
Unreviewed
Published
Apr 29, 2022
to the GitHub Advisory Database
•
Updated Jan 30, 2023
Description
Published by the National Vulnerability Database
Jan 10, 2005
Published to the GitHub Advisory Database
Apr 29, 2022
Last updated
Jan 30, 2023
Kerio Winroute Firewall before 6.0.9, ServerFirewall before 1.0.1, and MailServer before 6.0.5, when installed on Windows based systems, do not modify the ACLs for critical files, which allows local users with Power Users privileges to modify programs, install malicious DLLs in the plug-ins folder, and modify XML files related to configuration.
References