Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

GateManager — Vulnerabilities & Security Advisories 38

All 38 CVE vulnerabilities found in GateManager, with AI-generated Chinese analysis, references, and POCs.

This page is a vulnerability aggregation report for GateManager, focusing on common software weaknesses as cataloged by the Common Weakness Enumeration (CWE) initiative. It collects and organizes security issues affecting this specific software product, encompassing a comprehensive time range from early discoveries to the most recent patches released by the vendor. By centralizing this data, the resource enables security professionals to effectively track vendor advisories and monitor the lifecycle of disclosed defects. Users can analyze the evolution of a weakness class across different versions, gaining insight into how specific categories of bugs, such as buffer overflows or input validation errors, have been addressed over time. Additionally, the page provides a detailed look up of the product's vulnerability history, allowing teams to assess the overall security posture of GateManager based on past incidents. This structured approach supports risk assessment and prioritization by highlighting patterns in defect discovery and remediation speed. It serves as a reference for developers and system administrators who need to understand the historical context of security flaws within this environment. The information presented here is derived from public vulnerability databases and vendor notifications, ensuring that the data reflects officially recognized issues rather than speculative findings. This allows for a clear view of known risks associated with GateManager, facilitating informed decisions regarding updates, configuration changes, or migration strategies.

Vendor: Secomea

CVE IDTitleCVSSSeverityPublished
CVE-2025-14716 Unauthorized access to information CWE-287 6.5 Medium2026-03-19
CVE-2021-32007 Missing security header: Referrer-Policy URL CWE-200 3.5 Low2024-12-13
CVE-2024-1969 Heap buffer overflow CWE-120 8.2 High2024-04-29
CVE-2024-1579 Insufficient seeding of random number generator CWE-335 8.1 High2024-04-29
CVE-2023-3675 Insufficient input validation when downloading certain file types. CWE-22 6.5 Medium2024-04-18
CVE-2023-0317 GateManager debug interface is included in non-debug builds CWE-420 4.9 Medium2023-04-19
CVE-2022-4308 Clear-text passwords in configuration files CWE-256 6.1 Medium2023-04-19
CVE-2022-2752 Potential vulnerabilities in GM login process CWE-287 5.5 Medium2022-12-09
CVE-2022-38123 Insufficient validation of plugin files CWE-20 8.7 High2022-12-06
CVE-2022-25786 GateManager debug interface is included in production builds CWE-420 4.9 Medium2022-05-04
CVE-2022-25787 GTA URLs issued by LMM WEB API may leak information CWE-598 7.5 High2022-05-04
CVE-2022-25783 Hacking attempts from logged-in users are not properly logged by GM CWE-778 4.3 Medium2022-05-04
CVE-2022-25782 Insufficient privilege checks on object access and updates. CWE-274 5.4 Medium2022-05-04
CVE-2022-25781 Reflected XSS issues in GateManager CWE-79 4.2 Medium2022-05-04
CVE-2022-25780 Information leak via device availability query function CWE-200 4.3 Medium2022-05-04
CVE-2022-25779 Insufficient scope checks allows adding unrelated audit log entries CWE-779 4.3 Medium2022-05-04
CVE-2022-25778 Unload handlers may unintentionally defeat CSRF guards CWE-352 4.2 Medium2022-05-04
CVE-2021-32009 Missing XSS guards on firmware page CWE-79 5.0 Medium2022-03-11
CVE-2021-32006 GateManager information leak for LinkManager Users CWE-275 5.0 Medium2022-03-07
CVE-2021-32008 Logged-in Administrator may get unrestricted file system access CWE-552 9.9 Critical2022-03-04
CVE-2021-32004 GateManager does not enforce strict hostname matching for WEB server CWE-923 3.7 Low2021-11-22
CVE-2020-29030 Insufficient CSRF guards CWE-352 8.1 High2021-03-05
CVE-2020-29028 Reflected XSS issues CWE-79 6.3 Medium2021-03-05
CVE-2020-29029 XSS issue due to insufficient sanitization of input field CWE-20 7.3 High2021-03-05
CVE-2020-29032 Add integrity check of GateManager firmware CWE-494 8.4 High2021-03-05
CVE-2020-29023 CSV Formula Injection possible due to improper fields escaping in GateManager CWE-116 3.5 Low2021-02-16
CVE-2020-29022 Host Header Injection allowing web cache poisoning attacks CWE-159 5.3 Medium2021-02-16
CVE-2020-29024 Missing HtppOnly and Secure flags CWE-614 5.3 Medium2021-02-16
CVE-2020-29031 Insecure Direct Object Reference in GateManager WebUI can cause privilege escalation CWE-280 7.1 High2021-02-15
CVE-2020-29026 Secomea GateManager 路径遍历漏洞 CWE-22 9.0 Critical2021-02-15

All 38 known CVE vulnerabilities affecting GateManager with full Chinese analysis, references, and POCs where available.