Secomea Gatemanager
35 CVEs affecting Secomea Gatemanager. Latest disclosed: 2026-03-19. Critical: 3, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-32008 | Critical | 9.9 | 2022-03-04 | This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Improper Limitation of a Pathname to restricted directory, allows logged… |
CVE-2020-14510 | Critical | 9.8 | 2020-08-25 | GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for telnet, allowing an unprivileged attacker to execute commands as… |
CVE-2020-29026 | Critical | 9.0 | 2021-02-15 | A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions… |
CVE-2022-38123 | High | 8.7 | 2022-12-06 | Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager i… |
CVE-2020-29032 | High | 8.4 | 2021-03-05 | Upload of Code Without Integrity Check vulnerability in firmware archive of Secomea GateManager allows authenticated attacker to execute malicious code on serv… |
CVE-2024-1969 | High | 8.2 | 2024-04-29 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Secomea GateManager (webserver modules) allows crash of GateManager.Thi… |
CVE-2024-1579 | High | 8.1 | 2024-04-29 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Secomea GateManager (Webserver modules) allows Session Hijacking.This issue… |
CVE-2020-29030 | High | 8.1 | 2021-03-05 | Cross-Site Request Forgery (CSRF) vulnerability in web GUI of Secomea GateManager allows an attacker to execute malicious code. This issue affects: Secomea Gat… |
CVE-2020-14512 | High | 8.1 | 2020-08-25 | GateManager versions prior to 9.2c, The affected product uses a weak hash type, which may allow an attacker to view user passwords. |
CVE-2020-14508 | High | 8.1 | 2020-08-25 | GateManager versions prior to 9.2c, The affected product is vulnerable to an off-by-one error, which may allow an attacker to remotely execute arbitrary code o… |
CVE-2022-25787 | High | 7.5 | 2022-05-04 | Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. Thi… |
CVE-2020-29029 | High | 7.3 | 2021-03-05 | Improper Input Validation, Cross-site Scripting (XSS) vulnerability in Web GUI of Secomea GateManager allows an attacker to execute arbitrary javascript code… |
CVE-2020-29031 | High | 7.1 | 2021-02-15 | An Insecure Direct Object Reference vulnerability exists in the web UI of the GateManager which allows an authenticated attacker to reset the password of any u… |
CVE-2025-14716 | Medium | 6.5 | 2026-03-19 | Improper Authentication vulnerability in Secomea GateManager (webserver modules) allows Authentication Bypass.This issue affects GateManager: 11.4;0. |
CVE-2023-3675 | Medium | 6.5 | 2024-04-18 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Secomea GateManager (Web GUI) allows Reading Data from System R… |
CVE-2020-29028 | Medium | 6.3 | 2021-03-05 | Cross-site Scripting (XSS) vulnerability in web GUI of Secomea GateManager allows an attacker to inject arbitrary javascript code. This issue affects: Secomea… |
CVE-2022-4308 | Medium | 6.1 | 2023-04-19 | Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows Authentication abuse on SiteManager, if the generated file is leaked. |
CVE-2021-32010 | Medium | 5.6 | 2022-05-04 | Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue… |
CVE-2022-2752 | Medium | 5.5 | 2022-12-09 | A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issu… |
CVE-2022-25782 | Medium | 5.4 | 2022-05-04 | Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information… |