Lucene search
K

7 matches found

OSV
OSV
added 2026/01/06 4:15 p.m.3 views

CVE-2020-36908

SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user account with full...

8.8CVSS5.7AI score0.00231EPSS
Exploits2References5
NVD
NVD
added 2026/01/06 4:15 p.m.6 views

CVE-2020-36908

SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user account with full...

8.8CVSS0.00231EPSS
Exploits2References5
NVD
NVD
added 2026/01/06 4:15 p.m.10 views

CVE-2020-36909

SnapGear Management Console SG560 3.1.5 contains a file manipulation vulnerability that allows authenticated users to read, write, and delete files using the editconfigfiles CGI script. Attackers can manipulate POST request parameters in /cgi-bin/cgix/editconfigfiles to access and modify files...

8.8CVSS0.00636EPSS
Exploits2References5
Cvelist
Cvelist
added 2026/01/06 3:52 p.m.25 views

CVE-2020-36909 Secure Computing SnapGear Management Console SG560 3.1.5 Arbitrary File Read/Write

SnapGear Management Console SG560 3.1.5 contains a file manipulation vulnerability that allows authenticated users to read, write, and delete files using the editconfigfiles CGI script. Attackers can manipulate POST request parameters in /cgi-bin/cgix/editconfigfiles to access and modify files...

8.7CVSS0.00636EPSS
Exploits2References5
CVE
CVE
added 2026/01/06 3:52 p.m.12 views

CVE-2020-36908

The CVE-2020-36908 entry concerns the Secure Computing SnapGear Management Console SG560 (v3.1.5). The vulnerability is a CSRF flaw that lets an attacker perform administrative actions without user consent by enticing a logged-in user to visit a malicious page; a crafted request can auto-create a...

8.8CVSS6.4AI score0.00231EPSS
Exploits2References5Affected Software1
Cvelist
Cvelist
added 2026/01/06 3:52 p.m.26 views

CVE-2020-36908 Secure Computing SnapGear Management Console SG560 3.1.5 Cross-Site Request Forgery via Admin Users

SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user account with full...

5.3CVSS0.00231EPSS
Exploits2References5
Zero Science Lab
Zero Science Lab
added 2020/06/04 12:0 a.m.57 views

Secure Computing SnapGear Management Console SG560 v3.1.5 Arbitrary File Read/Write

Summary The SG gateway appliance range provides Internet security and privacy of communications for small and medium enterprises, and branch offices. It simply and securely connects your office to the Internet, and with its robust stateful firewall, shields your computers from external threats...

8.8CVSS5.9AI score0.00636EPSS
Exploits2
Rows per page
Query Builder