Vulnerabilities > Secomea
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2021-32006 | Incorrect Default Permissions vulnerability in Secomea Gatemanager 9.6.621421014 This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. | 4.3 |
| 2022-03-04 | CVE-2021-32008 | Path Traversal vulnerability in Secomea Gatemanager 9.6.621421014 This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. | 8.7 |
| 2021-11-22 | CVE-2021-32004 | Unspecified vulnerability in Secomea Gatemanager 8250 Firmware This issue affects: Secomea GateManager All versions prior to 9.6. | 5.3 |
| 2021-08-05 | CVE-2021-32002 | Unspecified vulnerability in Secomea Sitemanager Firmware Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. | 3.3 |
| 2021-08-05 | CVE-2021-32003 | Insufficiently Protected Credentials vulnerability in Secomea Sitemanager Firmware Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows local attacker to capture credentials if the service is used after provisioning. | 5.5 |
| 2021-03-05 | CVE-2020-29030 | Cross-Site Request Forgery (CSRF) vulnerability in Secomea Gatemanager Firmware Cross-Site Request Forgery (CSRF) vulnerability in web GUI of Secomea GateManager allows an attacker to execute malicious code. | 8.8 |
| 2021-03-05 | CVE-2020-29029 | Cross-site Scripting vulnerability in Secomea Gatemanager Firmware Improper Input Validation, Cross-site Scripting (XSS) vulnerability in Web GUI of Secomea GateManager allows an attacker to execute arbitrary javascript code. | 6.1 |
| 2021-03-05 | CVE-2020-29028 | Cross-site Scripting vulnerability in Secomea Gatemanager Firmware Cross-site Scripting (XSS) vulnerability in web GUI of Secomea GateManager allows an attacker to inject arbitrary javascript code. | 6.1 |
| 2021-03-05 | CVE-2020-29020 | Incorrect Authorization vulnerability in Secomea Sitemanager Firmware Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. | 7.2 |
| 2021-03-05 | CVE-2020-29032 | Unrestricted Upload of File with Dangerous Type vulnerability in Secomea Gatemanager 8250 Firmware Upload of Code Without Integrity Check vulnerability in firmware archive of Secomea GateManager allows authenticated attacker to execute malicious code on server. | 7.2 |