RSS   Vulnerabilities for 'Gateone'   RSS

2020-12-27
 
CVE-2020-35736

CWE-22
 

 
GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join is misused.

 
2020-12-14
 
CVE-2020-20184

NVD-CWE-noinfo
 

 
GateOne allows remote attackers to execute arbitrary commands via shell metacharacters in the port field when attempting an SSH connection.

 

 >>> Vendor: Liftoffsoftware 2 Products
Gateone
Gate one


Copyright 2024, cxsecurity.com

 

Back to Top