CVE-2020-29026
Last modified
CVE-2020-29026 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in the Linux file system. This issue affects: GateManager all versions prior to 9.2c.. EPSS estimates a 1.46% chance of exploitation in the next 30 days.
Description
A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in the Linux file system. This issue affects: GateManager all versions prior to 9.2c.
Metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Secomea | Gatemanager 8250 Firmware | < 9.2c |
| Secomea | Gatemanager 4250 Firmware | < 9.0i |
| Secomea | Gatemanager 4260 Firmware | < 9.0i |
| Secomea | Gatemanager 9250 Firmware | < 9.0i |
References
- https://www.secomea.com/support/cybersecurity-advisory/#2918Vendor Advisory
- https://www.secomea.com/support/cybersecurity-advisory/#2918Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-29026?
How severe is CVE-2020-29026?
How do I fix CVE-2020-29026?
Are you affected by CVE-2020-29026?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST