PT-2025-48465 · Kerlink · Kerlink Gateways+1
Published
2025-12-01
·
Updated
2025-12-23
·
CVE-2024-32384
CVSS v3.1
7.4
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Kerlink gateways versions prior to 5.10
Description
Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, lacking HTTPS support. This absence of transport layer security enables a man-in-the-middle attacker to intercept and modify traffic between a client and the device.
Recommendations
Update KerOS to version 5.10 or later.
Fix
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Keros
Kerlink Gateways