CVE-2020-11642— SiteManager Denial of Service via Local File Inclusion Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-11642
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SiteManager Denial of Service via Local File Inclusion Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
The local file inclusion vulnerability present in B&R SiteManager versions <9.2.620236042 allows authenticated users to impact availability of SiteManager instances.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
对外部实体的文件或目录可访问
Source: NVD (National Vulnerability Database)
Vulnerability Title
Secomea GateManager 和 SiteManager 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Secomea GateManager和Secomea SiteManager都是丹麦Secomea公司的产品。GateManager是一款远程访问服务器产品。Secomea SiteManager是一个应用软件。提供一个工业设备远程维护功能。 GateManager 4260 版本, 9250 v9.0.20262之前版本,8250 v9.2.620236042 之前版本和SiteManager v9.2.620236042之前版本存在安全漏洞,攻击者可利用该漏洞使用经过身份验证的用户可以收集有关属于外
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| B&R | SiteManager | unspecified ~ 9.2.620236042 | - |
II. Public POCs for CVE-2020-11642
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-11642
请登录查看更多情报信息。
- B&R Automation SiteManager and GateManager | CISAx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2020-11642
Same Patch Batch · B&R · 2020-10-15 · 7 CVEs total
| CVE-2020-11641 | 7.7 HIGH | SiteManager Local File Inclusion Vulnerability |
| CVE-2020-11643 | 6.5 MEDIUM | GateManager Information Disclosure Vulnerability |
| CVE-2020-11644 | 6.5 MEDIUM | GateManager Audit Message Spoofing Vulnerability |
| CVE-2020-11645 | 6.5 MEDIUM | GateManager Denial of Service Vulnerability |
| CVE-2020-11637 | 5.8 MEDIUM | Automation Runtime TFTP Service DoS Vulnerability |
| CVE-2020-11646 | 4.3 MEDIUM | GateManager Log Information Disclosure Vulnerability |
IV. Related Vulnerabilities
Same vendor: B&R
- CVE-2020-11637
Automation Runtime TFTP Service DoS Vulnerability - CVE-2020-11646
GateManager Log Information Disclosure Vulnerability - CVE-2020-11645
GateManager Denial of Service Vulnerability - CVE-2020-11641
SiteManager Local File Inclusion Vulnerability - CVE-2020-11644
GateManager Audit Message Spoofing Vulnerability
Same weakness: CWE-552
- CVE-2025-7389
Unauthorized Arbitrary File Read via RMI in AdminServer Inte - CVE-2019-25709
CF Image Hosting Script 1.6.5 Unauthorized Database Access - CVE-2026-33698
Chamilo LMS affected by unauthenticated RCE in main/install - CVE-2021-47960
Synology SSL VPN Client 安全漏洞 - CVE-2026-35446
LORIS has a path traversal in FilesDownloadHandler
V. Comments for CVE-2020-11642
No comments yet