cbcvebase.
CVE-2020-29026
published 2021-02-15

CVE-2020-29026: A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions…

PriorityP340medium6.5CVSS 3.1
AVNACLPRHUINSUCHIHAN
EPSS
1.46%
70.3th percentile
A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in the Linux file system. This issue affects: GateManager all versions prior to 9.2c.

Affected

5 ranges
VendorProductVersion rangeFixed in
secomeagatemanager>= All < 9.2c9.2c
secomeagatemanager_4250_firmware< 9.0i9.0i
secomeagatemanager_4260_firmware< 9.0i9.0i
secomeagatemanager_8250_firmware< 9.2c9.2c
secomeagatemanager_9250_firmware< 9.0i9.0i

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
nvdv2.05.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:N
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.