Vulnerability Details CVE-2020-29026
A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in the Linux file system. This issue affects: GateManager all versions prior to 9.2c.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.1%
CVSS Severity
CVSS v3 Score 9.0
CVSS v2 Score 5.5
References
Products affected by CVE-2020-29026
-
cpe:2.3:h:secomea:gatemanager_4250:-
-
cpe:2.3:h:secomea:gatemanager_4260:-
-
cpe:2.3:h:secomea:gatemanager_8250:-
-
cpe:2.3:h:secomea:gatemanager_9250:-
-
cpe:2.3:o:secomea:gatemanager_4250_firmware:-
-
cpe:2.3:o:secomea:gatemanager_4260_firmware:-
-
cpe:2.3:o:secomea:gatemanager_4260_firmware:9.0g
-
cpe:2.3:o:secomea:gatemanager_8250_firmware:9.1b
-
cpe:2.3:o:secomea:gatemanager_8250_firmware:9.2
-
cpe:2.3:o:secomea:gatemanager_8250_firmware:9.2b
-
cpe:2.3:o:secomea:gatemanager_9250_firmware:-
-
cpe:2.3:o:secomea:gatemanager_9250_firmware:9.0g