Vulnerability ID 5397

Avsoft Kerio WinRoute Firewall 5 Embedded Web Server information disclosure

CVSSv3 Temp ScoreCurrent Exploit Price (≈)
7.2$0-$1k

A vulnerability was found in Avsoft Kerio WinRoute Firewall 5. It has been classified as critical. This affects an unknown function of the component Embedded Web Server. The manipulation with an unknown input leads to a information disclosure vulnerability. This is going to have an impact on confidentiality.

The weakness was disclosed 05/10/2012 by Andrey Komarov. The public release has been coordinated in cooperation with Avsoft. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. Technical details are unknown but a public exploit is available.

After immediately, there has been an exploit disclosed. The exploit is shared for download at exploit-db.com. We expect the 0-day to have been worth approximately $1k-$2k.

Upgrading to version 6 eliminates this vulnerability. The upgrade is hosted for download at winroute.ru. It is possible to mitigate the weakness by firewalling Web Server Port. The best possible mitigation is suggested to be upgrading to the latest version. A possible mitigation has been published immediately after the disclosure of the vulnerability.

CVSSv3

Base Score: 7.5 [?]
Temp Score: 7.2 [?]
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:X/RL:O/RC:X [?]
Reliability: High

CVSSv2

Base Score: 7.1 (CVSS2#AV:N/AC:M/Au:N/C:C/I:N/A:N) [?]
Temp Score: 6.2 (CVSS2#E:ND/RL:OF/RC:ND) [?]
Reliability: High

AVACAuCIA
LHMNNN
AMSPPP
NLNCCC
VectorComplexityAuthenticationConfidentialityIntegrityAvailability
LocalHighMultipleNoneNoneNone
AdjacentMediumSinglePartialPartialPartial
NetworkLowNoneCompleteCompleteComplete

CPE

Exploiting

Class: Information disclosure
Local: No
Remote: Yes

Availability: Yes
Access: Public
Download: exploit-db.com

Current Price Estimation: $1k-$2k (0-day) / $0-$1k (Today)

0-Day$0-$1k$1k-$2k$2k-$5k$5k-$10k$10k-$25k$25k-$50k$50k-$100k$100k-$500k
Today$0-$1k$1k-$2k$2k-$5k$5k-$10k$10k-$25k$25k-$50k$50k-$100k$100k-$500k

Exploit-DB: 18857

Countermeasures

Recommended: Upgrade
Status: Official fix
Reaction Time: 0 days since reported
0-Day Time: 0 days since found
Exposure Time: 0 days since known
Exploit Delay Time: 0 days since known

Upgrade: Kerio WinRoute Firewall 6
Firewalling: Web Server Port

Timeline

05/10/2012 Advisory disclosed
05/10/2012 +0 days Exploit disclosed
05/10/2012 +0 days Countermeasure disclosed
05/12/2012 +2 days OSVDB entry created
05/21/2012 +9 days VulDB entry created
12/07/2015 +1295 days VulDB entry updated

Sources

Researcher: Andrey Komarov
Coordinated: Yes
OSVDB: 81829 - Kerio WinRoute Firewall Embedded Web Server Source Code Disclosure

Entry

Created: 05/21/2012
Updated: 12/07/2015
Entry: 80.3% complete