EIP-2026-108993

PRE-CVE

Kerio Control Unified Threat Management 9.1.0 build 1087/9.1.1 build 1324 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-108993. PoCs published by SEC Consult.

AI-analyzed exploit summary: This is a detailed security advisory describing multiple vulnerabilities in Kerio Control, including remote code execution via PHP deserialization, CSRF bypass, heap spraying, and privilege escalation. The advisory does not contain actual exploit code but provides technical details and attack scenarios.

Description

Kerio Control Unified Threat Management 9.1.0 build 1087/9.1.1 build 1324 - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP
by SEC Consult · text · webapps · php
https://www.exploit-db.com/exploits/40414

Classification: Writeup 100%
Attack Type: RCE | Auth Bypass | Deserialization | Info Leak | XSS
Complexity: Complex
Reliability: Theoretical
Target: Kerio Control Unified Threat Management <9.1.3
Auth required
Prerequisites: Authenticated user session or weak credentials · Victim must visit a malicious website
devstral-2 · analyzed Feb 16, 2026

Details

Status: pre_cve
Tracked Since: Feb 18, 2026