Platform: other
Fixed in: 10.0.7
CVE-2025-2976 is an Unrestricted File Upload vulnerability affecting GFI KerioConnect versions 10.0.6 through 10.0.6. This flaw allows attackers to upload arbitrary files, potentially leading to cross-site scripting (XSS) attacks. The vulnerability has been publicly disclosed and a patch is available in version 10.0.7, requiring immediate attention to prevent exploitation.
Successful exploitation of CVE-2025-2976 enables an attacker to upload malicious files to the KerioConnect server. These files, if crafted appropriately, can be leveraged to execute XSS attacks against users accessing the application. This could lead to session hijacking, defacement of the application, or the theft of sensitive user data. The ability to upload arbitrary files significantly expands the attack surface, allowing for a wide range of potential malicious payloads beyond simple XSS, potentially including remote code execution depending on server configuration and file handling routines.
This vulnerability was publicly disclosed on 2025-03-31. The exploit is publicly available, increasing the likelihood of exploitation. The CVSS score is LOW, suggesting the attack requires some level of user interaction or specific configuration to be successful. There is currently no indication of active exploitation campaigns targeting this vulnerability, but the public availability of the exploit warrants immediate attention.
Organizations utilizing KerioConnect versions 10.0.6 through 10.0.6 are at risk. This includes businesses relying on KerioConnect for email collaboration and communication, particularly those with limited security resources or those who have not implemented robust file upload validation measures.
Disclosure
Exploit status
EPSS: 0.07% (20th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-2976 is to upgrade KerioConnect to version 10.0.7 or later, which contains the fix. If immediate upgrade is not possible, consider implementing temporary workarounds such as strict file type validation on the upload endpoint, limiting file sizes, and employing a Web Application Firewall (WAF) to block suspicious file uploads. Regularly review KerioConnect logs for any unusual file upload activity. After upgrading, confirm the vulnerability is resolved by attempting a file upload with a known malicious extension and verifying it is rejected.
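As an illustration of the stopgap "strict file type validation on the upload endpoint" recommended above, here is an added example of a defensive upload gate. It is not KerioConnect code and assumes nothing about KerioConnect's internals; the extension allowlist, size cap, magic-byte table and sample inputs are constructed for this example. It rejects disallowed or double extensions, checks that the file's leading bytes match the claimed type, refuses text uploads that carry HTML-like markup, strips path components from the client-supplied name, and emits response headers that keep a stored file from being rendered inline (the way an uploaded HTML or SVG file would be turned into stored XSS).

```python
"""
Added example (not KerioConnect's code): a defensive upload validator
of the kind a stopgap file-type policy would implement. Allowlist,
size limit and magic bytes are assumptions chosen for this example.
"""
import os
import re

# Allowlisted extensions mapped to the magic bytes a file must start with.
# (Assumption: an image/PDF/plain-text policy; adjust to the real use case.)
ALLOWED = {
    "png": [b"\x89PNG\r\n\x1a\n"],
    "jpg": [b"\xff\xd8\xff"],
    "jpeg": [b"\xff\xd8\xff"],
    "pdf": [b"%PDF-"],
    "txt": [],  # no magic signature; content is checked for markup below
}
MAX_BYTES = 5 * 1024 * 1024  # assumption: 5 MiB cap per upload

# Markup that a browser would execute or render if the file were served inline.
ACTIVE_CONTENT = re.compile(rb"<\s*(script|html|svg|iframe|img|body)\b", re.I)


def sanitize_filename(name):
    """Drop directory components and any character outside a safe set."""
    base = os.path.basename(name.replace("\\", "/"))
    base = re.sub(r"[^A-Za-z0-9._-]", "_", base).lstrip(".")
    return base or "upload"


def validate_upload(filename, data):
    """Return (accepted, reason, stored_name) for one upload."""
    if len(data) > MAX_BYTES:
        return False, "too large", None
    safe = sanitize_filename(filename)
    parts = safe.lower().split(".")
    if len(parts) < 2:
        return False, "missing extension", None
    ext = parts[-1]
    if ext not in ALLOWED:
        return False, f"extension .{ext} not allowed", None
    # Double extensions such as page.html.png: every dotted segment must be allowed.
    for inner in parts[1:-1]:
        if inner not in ALLOWED:
            return False, f"suspicious inner extension .{inner}", None
    magics = ALLOWED[ext]
    if magics and not any(data.startswith(m) for m in magics):
        return False, "content does not match extension", None
    if not magics and ACTIVE_CONTENT.search(data[:4096]):
        return False, "text upload contains HTML-like markup", None
    return True, "ok", safe


def download_headers(stored_name):
    """Headers for serving a stored upload so the browser never renders it."""
    return {
        "Content-Type": "application/octet-stream",
        "Content-Disposition": f'attachment; filename="{stored_name}"',
        "X-Content-Type-Options": "nosniff",
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }


if __name__ == "__main__":
    # Constructed sample inputs: a minimal PNG header and an HTML document.
    print(validate_upload("photo.png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16))
    print(validate_upload("page.html", b"<html><body>hello</body></html>"))
    print(validate_upload("fake.png", b"<html><body>hello</body></html>"))
    print(download_headers("photo.png"))
```

The two halves matter together: the validator stops most active content from being stored, and the download headers (forced `attachment`, `nosniff`, a sandboxing CSP) mean that anything which still slips through is downloaded rather than executed in the user's origin. Logging each rejection with its reason also gives the "unusual file upload activity" review a concrete signal to look for.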
Update KerioConnect to a version later than 10.0.6, if one is available. If no such version is available, contact the vendor for a patch or an alternative fix. As a temporary measure, review and filter file inputs to prevent the injection of malicious code.
CVE-2025-2976 is a vulnerability in KerioConnect versions 10.0.6–10.0.6 that allows attackers to upload arbitrary files, potentially leading to cross-site scripting (XSS).
Yes, if you are running KerioConnect versions 10.0.6–10.0.6, you are affected by this vulnerability and should upgrade immediately.
Upgrade KerioConnect to version 10.0.7 or later to resolve this vulnerability. Consider temporary workarounds if immediate upgrade is not possible.
While there is no confirmed active exploitation, the public availability of the exploit increases the risk of exploitation.
Refer to the official KerioConnect security advisory for detailed information and updates regarding CVE-2025-2976.