threat
engine
.sh
Back
·
··:··
Home
/
Product
/
secomea gatemanager 9250 firmware
Product
secomea gatemanager 9250 firmware
18 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2022-25787
< 9.7.622134021
Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administra
7.5
HIGH
CVE-2022-25783
< 9.7.622134021
Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without lo
4.3
MEDIUM
CVE-2022-25782
< 9.7.622134021
Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and up
5.4
MEDIUM
CVE-2022-25781
< 9.7.622134021
Cross-site Scripting (XSS) vulnerability in Web UI of Secomea GateManager allows phishing attacker to inject javascript or html in
4.2
MEDIUM
CVE-2022-25780
< 9.7.622134021
Information Exposure vulnerability in web UI of Secomea GateManager allows logged in user to query devices outside own scope.
4.3
MEDIUM
CVE-2022-25779
< 9.7.622134021
Logging of Excessive Data vulnerability in audit log of Secomea GateManager allows logged in user to write text entries in audit l
4.3
MEDIUM
CVE-2022-25778
< 9.7.622134021
Cross-Site Request Forgery (CSRF) vulnerability in Web UI of Secomea GateManager allows phishing attacker to issue get request in
4.2
MEDIUM
CVE-2021-32010
< 9.7.622134021
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in t
5.6
MEDIUM
CVE-2020-29024
all versions
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in (GTA) GoToAppliance of Secomea GateManager could all
5.3
MEDIUM
CVE-2020-29023
all versions
Improper Encoding or Escaping of Output from CSV Report Generator of Secomea GateManager allows an authenticated administrator to
3.5
LOW
CVE-2020-29022
all versions
Failure to Sanitize host header value on output in the GateManager Web server could allow an attacker to conduct web cache poisoni
5.3
MEDIUM
CVE-2020-29031
< 9.0i
An Insecure Direct Object Reference vulnerability exists in the web UI of the GateManager which allows an authenticated attacker t
7.1
HIGH
CVE-2020-29026
< 9.0i
A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker wi
9.0
CRITICAL
CVE-2020-29021
all versions
A vulnerability in web UI input field of GateManager allows authenticated attacker to enter script tags that could cause XSS. This
3.5
LOW
CVE-2020-11646
< 9.0.20262
A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2
4.3
MEDIUM
CVE-2020-11645
< 9.0.20262
A denial of service vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.62023604
6.5
MEDIUM
CVE-2020-11644
< 9.0.20262
The information disclosure vulnerability present in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 version
6.5
MEDIUM
CVE-2020-11643
< 9.0.20262
An information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.62
6.5
MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin