VYPR

GateOne

by liftoff

CVEs (2)

  • CVE-2020-20184CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.03

    GateOne allows remote attackers to execute arbitrary commands via shell metacharacters in the port field when attempting an SSH connection.

  • CVE-2020-35736HigDec 27, 2020
    risk 0.50cvss 7.5epss 0.15

    GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join is misused.