Kerlink KerOS Firewall Bypass Vulnerability Allowing Unauthorized UDP Access

Vulnerability

A partial firewall bypass vulnerability has been identified in Kerlink devices running KerOS versions 5.0 through 5.11. Due to a misconfiguration in the iptables firewall, these devices incorrectly accept specially crafted UDP packets. This flaw enables attackers to bypass the firewall and access UDP-based services that would normally be protected.

Impact

Exploitation of this vulnerability allows a partial bypass of the firewall, giving unauthorized access to UDP services that should be shielded from such traffic.

Remediation

Users are advised to upgrade to KerOS version 5.12, which addresses this vulnerability.

Added: Dec 1, 2025, 4:40 PM
Updated: Dec 1, 2025, 5:29 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 7.4
remediation: 7.7
relevance: 1.3
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.