13 matches found
CVE-2020-36909
SnapGear Management Console SG560 3.1.5 contains a file manipulation vulnerability that allows authenticated users to read, write, and delete files using the editconfigfiles CGI script. Attackers can manipulate POST request parameters in /cgi-bin/cgix/editconfigfiles to access and modify files...
CVE-2020-36908
SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user account with full...
CVE-2020-36908
SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user account with full...
CVE-2020-36909
SnapGear Management Console SG560 3.1.5 contains a file manipulation vulnerability that allows authenticated users to read, write, and delete files using the editconfigfiles CGI script. Attackers can manipulate POST request parameters in /cgi-bin/cgix/editconfigfiles to access and modify files...
CVE-2020-36909 Secure Computing SnapGear Management Console SG560 3.1.5 Arbitrary File Read/Write
SnapGear Management Console SG560 3.1.5 contains a file manipulation vulnerability that allows authenticated users to read, write, and delete files using the editconfigfiles CGI script. Attackers can manipulate POST request parameters in /cgi-bin/cgix/editconfigfiles to access and modify files...
CVE-2020-36908 Secure Computing SnapGear Management Console SG560 3.1.5 Cross-Site Request Forgery via Admin Users
SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user account with full...
CVE-2020-36908
The CVE-2020-36908 entry concerns the Secure Computing SnapGear Management Console SG560 (v3.1.5). The vulnerability is a CSRF flaw that lets an attacker perform administrative actions without user consent by enticing a logged-in user to visit a malicious page; a crafted request can auto-create a...
Secure Computing SnapGear Management Console SG560 v3.1.5 Arbitrary File Read/Write
Summary The SG gateway appliance range provides Internet security and privacy of communications for small and medium enterprises, and branch offices. It simply and securely connects your office to the Internet, and with its robust stateful firewall, shields your computers from external threats...
Secure Computing SnapGear Management Console SG560 3.1.5 CSRF
Secure Computing SnapGear Management Console SG560 v3.1.5 CSRF Add Super User Vendor: Secure Computing Corp. Product web page: http://www.securecomputing.com Affected version: 3.1.5u1 Summary: The SG gateway appliance range provides Internet security and privacy of communications for small and...
Secure Computing SnapGear Management Console SG560 3.1.5 Arbitrary File Read / Write
Secure Computing SnapGear Management Console SG560 v3.1.5 Arbitrary File Read/Write Vendor: Secure Computing Corp. Product web page: http://www.securecomputing.com Affected version: 3.1.5u1 Summary: The SG gateway appliance range provides Internet security and privacy of communications for small...
SnapGear Management Console SG560 3.1.5 - Arbitrary File Read Vulnerability
Exploit for hardware platform in category web applications Title: Secure Computing SnapGear Management Console SG560 3.1.5 - Arbitrary File Read Author:LiquidWorm Vendor: http://www.securecomputing.com CVE: N/A Secure Computing SnapGear Management Console SG560 v3.1.5 Arbitrary File Read/Write...
Secure Computing SnapGear Management Console SG560 3.1.5 - Arbitrary File Read
Title: Secure Computing SnapGear Management Console SG560 3.1.5 - Arbitrary File Read Author:LiquidWorm Date: 2020-06-04 Vendor: http://www.securecomputing.com CVE: N/A Secure Computing SnapGear Management Console SG560 v3.1.5 Arbitrary File Read/Write Vendor: Secure Computing Corp. Product web...
SnapGear Management Console SG560 3.1.5 - Cross-Site Request Forgery (Add Super User)
Title: SnapGear Management Console SG560 3.1.5 - Cross-Site Request Forgery Add Super User Author: LiquidWorm Date: 2020-06-04 Vendor: http://www.securecomputing.com CVE: N/A Secure Computing SnapGear Management Console SG560 v3.1.5 CSRF Add Super User Vendor: Secure Computing Corp. Product web...