Security Gateway
by Astaro
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-10127 | Cri | 0.64 | 9.8 | 0.01 | Sep 11, 2025 | Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials. | ||
| CVE-2023-47356 | Hig | 0.57 | 8.8 | 0.01 | Jul 17, 2025 | Mingyu Security Gateway before v3.0-5.3p was discovered to contain a remote command execution (RCE) vulnerability via the log_type parameter at /log/fw_security.mds. | ||
| CVE-2021-25692 | 0.00 | — | 0.00 | Apr 6, 2021 | Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager and Security Gateway prior to version 21.01.3. | |||
| CVE-2012-3238 | 0.00 | — | 0.03 | Jul 9, 2012 | Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field. | |||
| CVE-2007-4243 | 0.00 | — | 0.03 | Aug 8, 2007 | Unspecified vulnerability in pfilter-reporter.pl in Astaro Security Gateway (ASG) 7 allows remote attackers to cause a denial of service (CPU consumption) via certain network traffic, as demonstrated by P2P and iTunes applications that download large amounts of data. | |||
| CVE-2007-4242 | 0.00 | — | 0.02 | Aug 8, 2007 | The pop3 Proxy in Astaro Security Gateway (ASG) 7 does not perform virus scanning of attachments that exceed the maximum attachment size, and passes these attachments, which allows remote attackers to bypass this scanning via a large attachment. | |||
| CVE-2007-3253 | 0.00 | — | 0.03 | Jun 18, 2007 | Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) before 7.005 allow remote attackers to cause a denial of service via (1) certain email, which stops the SMTP Proxy during scanning; (2) certain HTTP traffic, which stops or slows down the HTTP proxy during… |
- risk 0.64cvss 9.8epss 0.01
Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials.
- risk 0.57cvss 8.8epss 0.01
Mingyu Security Gateway before v3.0-5.3p was discovered to contain a remote command execution (RCE) vulnerability via the log_type parameter at /log/fw_security.mds.
- CVE-2021-25692Apr 6, 2021risk 0.00cvss —epss 0.00
Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager and Security Gateway prior to version 21.01.3.
- CVE-2012-3238Jul 9, 2012risk 0.00cvss —epss 0.03
Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field.
- CVE-2007-4243Aug 8, 2007risk 0.00cvss —epss 0.03
Unspecified vulnerability in pfilter-reporter.pl in Astaro Security Gateway (ASG) 7 allows remote attackers to cause a denial of service (CPU consumption) via certain network traffic, as demonstrated by P2P and iTunes applications that download large amounts of data.
- CVE-2007-4242Aug 8, 2007risk 0.00cvss —epss 0.02
The pop3 Proxy in Astaro Security Gateway (ASG) 7 does not perform virus scanning of attachments that exceed the maximum attachment size, and passes these attachments, which allows remote attackers to bypass this scanning via a large attachment.
- CVE-2007-3253Jun 18, 2007risk 0.00cvss —epss 0.03
Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) before 7.005 allow remote attackers to cause a denial of service via (1) certain email, which stops the SMTP Proxy during scanning; (2) certain HTTP traffic, which stops or slows down the HTTP proxy during…