HIGH✓ PATCH🇬🇧 English

CVE-2020-29032

CVSS 8.4v3.1pub. 2021-03-05upd. 2024-11-21

Upload of Code Without Integrity Check vulnerability in firmware archive of Secomea GateManager allows authenticated attacker to execute malicious code on server. This issue affects: Secomea GateManager all versions prior to 9.4.621054022

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
  • Secomea Gatemanager 8250

    HW
    Secomea
    wszystkie wersje
  • Secomea Gatemanager 8250 Firmware

    OS
    Secomea
    < 9.4.621054022
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2020-29026CRITICAL9.0ten sam produkt

A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authe...

CVE-2020-14510CRITICAL9.8ten sam produkt

GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for telnet, allowing...

CVE-2020-14500CRITICAL10.0ten sam produkt

Secomea GateManager all versions prior to 9.2c, An attacker can send a negative value and overwrite arbitrary ...

CVE-2022-25787HIGH7.5ten sam produkt

Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allo...

CVE-2020-29031HIGH7.1ten sam produkt

An Insecure Direct Object Reference vulnerability exists in the web UI of the GateManager which allows an auth...