CVE-2007-0081

Sunbelt Kerio Personal Firewall <4.3.268-4.3.246 - Local Privilege ...

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0081. PoCs published by Matousec Transparent security.

AI-analyzed exploit summary This is a writeup describing a local privilege escalation vulnerability in Kerio Personal Firewall versions 4.3.246 and 4.3.268. The vulnerability allows a local attacker to execute arbitrary code with SYSTEM privileges, leading to full system compromise.

Description

Sunbelt Kerio Personal Firewall (SKPF) 4.3.268 and 4.3.246, and possibly other versions allows local users to provide a Trojan horse iphlpapi.dll to SKPF by placing it in the installation directory.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Matousec Transparent security · textlocalwindows

https://www.exploit-db.com/exploits/29374

View Code ZIP pw:eip

This is a writeup describing a local privilege escalation vulnerability in Kerio Personal Firewall versions 4.3.246 and 4.3.268. The vulnerability allows a local attacker to execute arbitrary code with SYSTEM privileges, leading to full system compromise.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Theoretical

Target: Kerio Personal Firewall 4.3.246, 4.3.268

No auth needed

Prerequisites: Local access to the target system

MITRE ATT&CK