CVE-2022-38125— FTP Agent forwards traffic on inactive ports to LinkManager

CVSS 2.9 · Low EPSS 0.12% · P30 Updated Feb 05, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-38125

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

FTP Agent forwards traffic on inactive ports to LinkManager

Source: NVD (National Vulnerability Database)

Vulnerability Description

Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

通信信道对预期端点的不适当限制

Source: NVD (National Vulnerability Database)

Vulnerability Title

Secomea SiteManager 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Secomea SiteManager是丹麦Secomea公司的一个应用软件。提供一个工业设备远程维护功能。 Secomea SiteManager存在安全漏洞，该漏洞源于存在通信通道对预期端点的不当限制问题。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Secomea	SiteManager	5.0 ~ 10.0	-

II. Public POCs for CVE-2022-38125

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-38125

请登录查看更多情报信息。

Same Patch Batch · Secomea · 2023-04-19 · 3 CVEs total

CVE-2022-4308	6.1 MEDIUM	Clear-text passwords in configuration files
CVE-2023-0317	4.9 MEDIUM	GateManager debug interface is included in non-debug builds

IV. Related Vulnerabilities

Same product: SiteManager

Same vendor: Secomea

Same weakness: CWE-923

V. Comments for CVE-2022-38125

Anonymous User

2026-01-15 06:09:28

Zaproxy alias impedit expedita quisquam pariatur exercitationem. Nemo rerum eveniet dolores rem quia dignissimos.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-38125— FTP Agent forwards traffic on inactive ports to LinkManager

I. Basic Information for CVE-2022-38125

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-38125

III. Intelligence Information for CVE-2022-38125

Same Patch Batch · Secomea · 2023-04-19 · 3 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-38125

Anonymous User

Leave a comment