2 matches found
CVE-2020-35736
GateOne 1.1 has a Local File Inclusion vulnerability: arbitrary file retrieval without authentication via /downloads/.. due to incorrect os.path.join usage. The issue enables directory traversal to read sensitive files. Confirmed in the Nuclei template and corroborated by multiple feeds; CVE-2020...
CVE-2020-20184
CVE-2020-20184 affects Liftoff GateOne (a terminal emulator/SSH client). The vulnerability allows remote attackers to execute arbitrary commands by injecting shell metacharacters in the port field during an SSH connection. The available documents provide the vulnerability description but do not s...