Unrated severityNVD Advisory· Published Feb 16, 2021· Updated Sep 17, 2024
CSV Formula Injection possible due to improper fields escaping in GateManager
CVE-2020-29023
Description
Improper Encoding or Escaping of Output from CSV Report Generator of Secomea GateManager allows an authenticated administrator to generate a CSV file that may run arbitrary commands on a victim's computer when opened in a spreadsheet program (like Excel). This issue affects: Secomea GateManager all versions prior to 9.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<9.3+ 1 more
- (no CPE)range: <9.3
- (no CPE)range: all
Patches
Vulnerability mechanics
References
2- www.secomea.com/support/cybersecurity-advisory/mitrex_refsource_MISC
- www.secomea.com/support/cybersecurity-advisory/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.