A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in the Linux file system. This issue affects: GateManager all versions prior to 9.2c.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:LSecomea Gatemanager 4250
HWSecomeawszystkie wersjeSecomea Gatemanager 4250 Firmware
OSSecomea< 9.0iSecomea Gatemanager 4260
HWSecomeawszystkie wersjeSecomea Gatemanager 4260 Firmware
OSSecomea< 9.0iSecomea Gatemanager 8250
HWSecomeawszystkie wersjeSecomea Gatemanager 8250 Firmware
OSSecomea< 9.2cSecomea Gatemanager 9250
HWSecomeawszystkie wersjeSecomea Gatemanager 9250 Firmware
OSSecomea< 9.0i
Related vulnerabilities
Secomea GateManager all versions prior to 9.2c, An attacker can send a negative value and overwrite arbitrary ...
GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for telnet, allowing...
Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allo...
Upload of Code Without Integrity Check vulnerability in firmware archive of Secomea GateManager allows authent...
An Insecure Direct Object Reference vulnerability exists in the web UI of the GateManager which allows an auth...