What is CVE-2020-29026?

CVE-2020-29026 is a critical-severity vulnerability in Secomea Gatemanager, classified under Path Traversal. CVSS score: 9.0/10. Published 2021-02-15.

How severe is CVE-2020-29026?

Critical severity. CVSS v3 base score is 9.0 out of 10.

Path Traversal in Secomea Gatemanager

CVE-2020-29026

A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in the Linux file system. This issue affects…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.003 (57.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.0 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L.

Affected products

Secomea Gatemanager — versions All

Weakness classification (CWE)

CWE-22 — Path Traversal

References

www.secomea.com/support/cybersecurity-advisory/ (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-29026?: CVE-2020-29026 is a critical-severity vulnerability in Secomea Gatemanager, classified under Path Traversal. CVSS score: 9.0/10. Published 2021-02-15.
How severe is CVE-2020-29026?: Critical severity. CVSS v3 base score is 9.0 out of 10.