CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-12282

iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.)

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.3%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://ismartgate.com/secure-garage-door/
https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf
https://ismartgate.com/secure-garage-door/
https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf

Products affected by CVE-2020-12282

Gogogate » Ismartgate Pro » Version: N/A

cpe:2.3:h:gogogate:ismartgate_pro:-
Gogogate » Ismartgate Pro Firmware » Version: 1.5.9

cpe:2.3:o:gogogate:ismartgate_pro_firmware:1.5.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-12282

Products

Pricing

Contact Us