Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-12838 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php. | |||||
| CVE-2020-12840 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php | |||||
| CVE-2020-12843 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used. | |||||
| CVE-2020-13119 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-02-04 | 4.3 MEDIUM | 8.1 HIGH |
| ismartgate PRO 1.5.9 is vulnerable to clickjacking. | |||||
| CVE-2020-12281 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php. | |||||
| CVE-2020-12837 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used. | |||||
| CVE-2020-12839 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php. | |||||
| CVE-2020-12842 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php. | |||||
| CVE-2020-12841 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php | |||||
| CVE-2020-12280 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php. | |||||
| CVE-2020-12282 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.) | |||||