Vulnerabilities > Secomea > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-05 | CVE-2020-29032 | Unrestricted Upload of File with Dangerous Type vulnerability in Secomea Gatemanager 8250 Firmware Upload of Code Without Integrity Check vulnerability in firmware archive of Secomea GateManager allows authenticated attacker to execute malicious code on server. | 7.2 |
| 2021-02-15 | CVE-2020-29031 | Improper Privilege Management vulnerability in Secomea products An Insecure Direct Object Reference vulnerability exists in the web UI of the GateManager which allows an authenticated attacker to reset the password of any user in its domain or any sub-domain, via escalation of privileges. | 8.1 |
| 2020-08-25 | CVE-2020-14512 | Use of Password Hash With Insufficient Computational Effort vulnerability in Secomea Gatemanager 8250 Firmware 9.1B/9.2/9.2B GateManager versions prior to 9.2c, The affected product uses a weak hash type, which may allow an attacker to view user passwords. | 7.5 |