This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission Issues vulnerability in LinkManager web portal of Secomea GateManager allows logged in LinkManager user to access stored SiteManager backup files.
5CVSS
4.5AI Score
0.001EPSS
This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Improper Limitation of a Pathname to restricted directory, allows logged in GateManager admin to delete system Files or Directories.
9.9CVSS
8.4AI Score
0.001EPSS
Cross-site Scripting (XSS) vulnerability in firmware section of Secomea GateManager allows logged in user to inject javascript in browser session. This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions.
6.1CVSS
5.9AI Score
0.001EPSS
Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obtain sensitive information. This issue affects: GateManager all versions prior to 9.7.
4.9CVSS
5AI Score
0.001EPSS
A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7.
7.8CVSS
7.4AI Score
0.0004EPSS
Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0.
8.7CVSS
6.9AI Score
0.001EPSS
Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows Authentication abuse on SiteManager, if the generated file is leaked.
8.8CVSS
8.6AI Score
0.0004EPSS
Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obtain sensitive information.
4.9CVSS
5AI Score
0.001EPSS