GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for telnet, allowing an unprivileged attacker to execute commands as root.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSecomea Gatemanager 8250
HWSecomeawszystkie wersjeSecomea Gatemanager 8250 Firmware
OSSecomea9.2c
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Powiązane podatności
CVE-2020-29026CRITICAL9.0ten sam produkt
A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authe...
CVE-2020-14500CRITICAL10.0ten sam produkt
Secomea GateManager all versions prior to 9.2c, An attacker can send a negative value and overwrite arbitrary ...
CVE-2022-25787HIGH7.5ten sam produkt
Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allo...
CVE-2020-29032HIGH8.4ten sam produkt
Upload of Code Without Integrity Check vulnerability in firmware archive of Secomea GateManager allows authent...
CVE-2020-29031HIGH7.1ten sam produkt
An Insecure Direct Object Reference vulnerability exists in the web UI of the GateManager which allows an auth...