EUVD-2025-209597

Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radiusaddress POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated remote attacker can...

The vulnerability of the UnlockGateway method in the software for managing and monitoring remote devices in telemetering and telemechanics systems allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the UnlockGateway method in software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...

CVE-2025-1448 Synway SMG Gateway Management Software 9-12ping.php command injection

A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The manipulation of the argument retry leads to command injection. The attack may be initiated remotely. The...

PT-2025-6919 · Synway · Synway Smg Gateway Management

Name of the Vulnerable Software and Affected Versions: Synway SMG Gateway Management Software up to 20250204 Description: A critical issue affects the processing of the file 9-12ping.php in Synway SMG Gateway Management Software. The manipulation of the retry argument leads to command injection...

Synway SMG Gateway Management Software 注入漏洞

Synway SMG Gateway Management Software is a gateway management software from Synway. An injection vulnerability exists in Synway SMG Gateway Management Software 20250204 and prior versions, which stems from the parameter retry in file 9-12ping.php that can lead to command injection...

CVE-2023-4745

A vulnerability was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230822. It has been rated as critical. Affected by this issue is some unknown functionality of the file /importexport.php. The manipulation leads to sql injection. The attack may be...

CVE-2023-34132

Use of password hash instead of password for authentication vulnerability in SonicWall GMS and Analytics allows Pass-the-Hash attacks. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

Information Leakage Vulnerability in API Gateway Management System of Tech Data Communication Co.

Founded in 1999, Tech Data Xunfei Co., Ltd. is a well-known listed company in the Asia-Pacific region for intelligent speech and artificial intelligence. An information disclosure vulnerability exists in the API gateway management system of KDDI Corporation, which can be exploited by attackers to...

Weak password vulnerability in gateway management software of Hangzhou Sanhui Information Engineering Co.

Hangzhou Sanhui Information Engineering Co., Ltd. is specializing in the field of computer communications integration CTI, focusing on the production and development of voice products and applications in various industries, is the earliest in the country engaged in the development of voice...

China Telecom's Smart Gateway Management Platform Has Information Leakage Vulnerabilities

China Telecom Group Corporation is a large state-owned communications enterprise in China, the global partner of Shanghai World Expo, and one of the world's top 500 enterprises for many years, mainly engaged in fixed-line telephony, mobile communications, satellite communications, Internet access...

Citrix NetScaler Authentication Bypass Vulnerability (CTX232199)

The remote Citrix NetScaler device is affected by an authentication bypass vulnerability in the Application Delivery Controller ADC and the Gateway Management Interface that allows the execution of arbitrary, read only commands on the NetScaler appliance. Please refer to advisory CTX232199 for mo...

Citrix NetScaler Multiple Vulnerabilities (CTX232161)

The remote Citrix NetScaler device is affected by multiple vulnerabilities in the Application Delivery Controller ADC and the Gateway Management Interface. Please refer to advisory CTX232161 for more information. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid110903;...

CVE-2016-10258

Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway ASG and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and executing malicious code...

Citrix NetScaler Multiple Vulnerabilities (CTX230238, CTX230612)

The remote Citrix NetScaler device is affected by multiple vulnerabilities in the Application Delivery Controller ADC and the Gateway Management Interface. Please refer to advisories CTX230238 and CTX230612 for more information. C Tenable Network Security, Inc. include'compat.inc'; if description...