GateOne allows remote attackers to execute arbitrary commands via shell metacharacters in the port field when attempting an SSH connection.
9.8CVSS
9.7AI Score
0.007EPSS
GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join is misused.
7.5CVSS
7.7AI Score
0.025EPSS