Unspecified vulnerability in Kerio WinRoute Firewall prior to 6.1.3 allows remote malicious users to authenticate to the service using an account that has been disabled.