CVE-2007-6385

Kerio WinRoute Firewall <6.4.1 - Info Disclosure

Title source: llm

Description

The proxy server in Kerio WinRoute Firewall before 6.4.1 does not properly enforce authentication for HTTPS pages, which has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.

References (7)

Scores

EPSS 0.0009
EPSS Percentile 25.8%

Classification

CWE
CWE-287
Status draft

Affected Products (46)

kerio/winroute_firewall < 6.4.0
kerio/winroute_firewall
kerio/winroute_firewall
kerio/winroute_firewall
kerio/winroute_firewall
kerio/winroute_firewall
kerio/winroute_firewall
kerio/winroute_firewall
kerio/winroute_firewall
kerio/winroute_firewall
kerio/winroute_firewall
kerio/winroute_firewall
kerio/winroute_firewall
kerio/winroute_firewall
kerio/winroute_firewall
... and 31 more

Timeline

Published Dec 15, 2007
Tracked Since Feb 18, 2026