Security Advisory

CVE-2026-28271

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-27 20:21:12

Last updated 2026-03-03 20:27:38

Assigner GitHub_M

State PUBLISHED

Description

Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration functionality allows bypassing of SSRF protections through DNS rebinding attacks. Malicious administrators could exploit this to access internal services that should be restricted. Version 9.2.0 contains a patch for the issue.

← Browse all CVEs View on cve.org ↗