Gatemanager 4260 firmware

This hub aggregates every CVE we track for Gatemanager 4260 firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Gatemanager 4260 firmware.

• CVE-2022-25787GTA URLs issued by LMM WEB API may leak information7.5May 4, 2022
• CVE-2022-25783Hacking attempts from logged-in users are not properly logged by GM4.3May 4, 2022
• CVE-2022-25782Insufficient privilege checks on object access and updates.5.4May 4, 2022
• CVE-2022-25781Reflected XSS issues in GateManager4.2May 4, 2022
• CVE-2022-25780Information leak via device availability query function4.3May 4, 2022
• CVE-2022-25779Insufficient scope checks allows adding unrelated audit log entries4.3May 4, 2022
• CVE-2022-25778Unload handlers may unintentionally defeat CSRF guards4.2May 4, 2022
• CVE-2021-32010Clients may connect to a GateManager with TLS 1.05.6May 4, 2022
• CVE-2020-29023CSV Formula Injection possible due to improper fields escaping in GateManager3.5Feb 16, 2021
• CVE-2020-29022Host Header Injection allowing web cache poisoning attacks5.3Feb 16, 2021
• CVE-2020-29024Missing HtppOnly and Secure flags5.3Feb 16, 2021
• CVE-2020-29031Insecure Direct Object Reference in GateManager WebUI can cause privilege escalation7.1Feb 15, 2021
• CVE-2020-29026A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in ...9.0Feb 15, 2021
• CVE-2020-29021Scripting tag chars < > not filtered in input fields could cause Cross-Site Scripting (XSS)3.5Feb 8, 2021
• CVE-2020-11646GateManager Log Information Disclosure Vulnerability4.3Oct 15, 2020