### [CVE-2019-15685](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15685)
![](https://img.shields.io/static/v1?label=Product&message=Kaspersky%20Anti-Virus%2C%20Kaspersky%20Internet%20Security%2C%20Kaspersky%20Total%20Security%2C%20Kaspersky%20Free%20Anti-Virus%2C%20Kaspersky%20Small%20Office%20Security%2C%20Kaspersky%20Security%20Cloud&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Bypass&color=brighgreen)

### Description

Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component allowed an attacker remotely disable such product's security features as private browsing and anti-banner. Bypass.

### POC

#### Reference
- https://hackerone.com/reports/470544
- https://hackerone.com/reports/470544
- https://hackerone.com/reports/470547
- https://hackerone.com/reports/470547
- https://hackerone.com/reports/470553
- https://hackerone.com/reports/470553
- https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1
- https://support.kaspersky.com/general/vulnerability.aspx?el=12430#251119_1

#### Github
No PoCs found on GitHub currently.