2 matches found
CVE-2023-22897
SecurePoint UTM (before 12.2.5.1) permits information disclosure of memory contents via the /spcgi.cgi endpoint when accessed by an authenticated user. The issue arises from uninitialized data exposure; CVSSv3.1 indicates AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N with a base score of 6.5 (MEDIUM). Affe...
CVE-2023-22620
CVE-2023-22620 affects SecurePoint UTM before 12.2.5.1. The vulnerability, reported in multiple feeds, is an information disclosure via the firewall’s /spcgi.cgi endpoint that can enable authentication bypass and grant access to the administrative interface. The Nuclei template confirms the issue...