Gatemanager 8250 firmware

This hub aggregates every CVE we track for Gatemanager 8250 firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Gatemanager 8250 firmware.

• CVE-2022-25787GTA URLs issued by LMM WEB API may leak information7.5May 4, 2022
• CVE-2022-25783Hacking attempts from logged-in users are not properly logged by GM4.3May 4, 2022
• CVE-2022-25782Insufficient privilege checks on object access and updates.5.4May 4, 2022
• CVE-2022-25781Reflected XSS issues in GateManager4.2May 4, 2022
• CVE-2022-25780Information leak via device availability query function4.3May 4, 2022
• CVE-2022-25779Insufficient scope checks allows adding unrelated audit log entries4.3May 4, 2022
• CVE-2022-25778Unload handlers may unintentionally defeat CSRF guards4.2May 4, 2022
• CVE-2021-32010Clients may connect to a GateManager with TLS 1.05.6May 4, 2022
• CVE-2021-32004GateManager does not enforce strict hostname matching for WEB server3.7Nov 22, 2021
• CVE-2020-29032Add integrity check of GateManager firmware8.4Mar 5, 2021
• CVE-2020-29023CSV Formula Injection possible due to improper fields escaping in GateManager3.5Feb 16, 2021
• CVE-2020-29022Host Header Injection allowing web cache poisoning attacks5.3Feb 16, 2021
• CVE-2020-29024Missing HtppOnly and Secure flags5.3Feb 16, 2021
• CVE-2020-29031Insecure Direct Object Reference in GateManager WebUI can cause privilege escalation7.1Feb 15, 2021
• CVE-2020-29026A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in ...9.0Feb 15, 2021