There are multiple HTTP Response Splitting vulnerabilities in GFI Kerio Control versions 9.2.5 through 9.4.5.
https://latesthackingnews.com/2025/01/01/7-years-old-rce-vulnerability-addressed-in-kerio-control/
https://karmainsecurity.com/KIS-2024-07
Source: Mitre, NVD
Published: 2025-01-10