Security Advisories

CVE-2021-33600: Denial of Service Vulnerability in Web Interface of F-Secure Internet Gatekeeper


There is a denial-of-service vulnerability in the web interface of F-Secure Internet Gatekeeper 5 series product.



FIX: Hotfix 9 has been published to fix this vulnerability. Download and instructions available at:

Affected Products

Corporate Products:

  • F-Secure Internet Gatekeeper 5 series


  • All supported platforms for the affected products

More Information

A denial-of-service (DoS) vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. The vulnerability occurs because of an attacker can trigger assertion via malformed HTTP packet to web interface. An unauthenticated attacker could exploit this vulnerability by sending a large username parameter. A successful exploitation could lead to a denial-of-service of the product.

This issue and a proof-of-concept exploit was reported privately to F-Secure as part of our Vulnerability Reward Program. No known attacks have been reported or observed in the wild.


F-Secure Corporation would like to thank Selim Enes Karaduman (@enesdex) for bringing this issue to our attention.

Date Issued: 2021-09-28