Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CSV Formula Injection possible due to improper fields escaping in GateManager
Vulnerability Description
Improper Encoding or Escaping of Output from CSV Report Generator of Secomea GateManager allows an authenticated administrator to generate a CSV file that may run arbitrary commands on a victim's computer when opened in a spreadsheet program (like Excel). This issue affects: Secomea GateManager all versions prior to 9.3.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
对输出编码和转义不恰当
Vulnerability Title
Secomea GateManager 安全漏洞
Vulnerability Description
Secomea GateManager all versions prior to 9.3 存在安全漏洞,攻击者可利用该漏洞在受害者的计算机上运行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A