Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Gogogate Subscribe
Filtered by product Ismartgate Pro
Total 11 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-12838 1 Gogogate 2 Ismartgate Pro, Ismartgate Pro Firmware 2021-07-21 7.5 HIGH 9.8 CRITICAL
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php.
CVE-2020-12839 1 Gogogate 2 Ismartgate Pro, Ismartgate Pro Firmware 2021-07-21 7.5 HIGH 9.8 CRITICAL
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php.
CVE-2020-12842 1 Gogogate 2 Ismartgate Pro, Ismartgate Pro Firmware 2021-07-21 7.5 HIGH 9.8 CRITICAL
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php.
CVE-2020-12837 1 Gogogate 2 Ismartgate Pro, Ismartgate Pro Firmware 2020-09-27 5.0 MEDIUM 7.5 HIGH
ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used.
CVE-2020-12840 1 Gogogate 2 Ismartgate Pro, Ismartgate Pro Firmware 2020-09-27 4.3 MEDIUM 6.5 MEDIUM
ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php
CVE-2020-12841 1 Gogogate 2 Ismartgate Pro, Ismartgate Pro Firmware 2020-09-27 4.3 MEDIUM 6.5 MEDIUM
ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php
CVE-2020-12843 1 Gogogate 2 Ismartgate Pro, Ismartgate Pro Firmware 2020-09-27 7.5 HIGH 9.8 CRITICAL
ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used.
CVE-2020-13119 1 Gogogate 2 Ismartgate Pro, Ismartgate Pro Firmware 2020-09-27 4.3 MEDIUM 8.1 HIGH
ismartgate PRO 1.5.9 is vulnerable to clickjacking.
CVE-2020-12282 1 Gogogate 2 Ismartgate Pro, Ismartgate Pro Firmware 2020-09-27 6.8 MEDIUM 8.8 HIGH
iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.)
CVE-2020-12281 1 Gogogate 2 Ismartgate Pro, Ismartgate Pro Firmware 2020-09-27 4.3 MEDIUM 6.5 MEDIUM
iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php.
CVE-2020-12280 1 Gogogate 2 Ismartgate Pro, Ismartgate Pro Firmware 2020-09-27 4.3 MEDIUM 6.5 MEDIUM
iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php.