Kerio Control is a firewall solution for small businesses. In 2016 an ex-college (Raschin Tavakoli) told me he found some interesting behavior in it and we started to dig deeper into it on the weekend. We found all kind of vulnerabilities and ultimately a really cool exploit chain. It allows to get full code execution on the firewall over the internet via a memory corruption and a CSRF bypass if one of the end-users visits a malicious website.
You can find the the original blogpost here: Link