Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

GateManager — Vulnerabilities & Security Advisories 38

All 38 CVE vulnerabilities found in GateManager, with AI-generated Chinese analysis, references, and POCs.

This page provides a comprehensive aggregation of vulnerabilities associated with the GateManager product, covering a wide range of weakness types and security tags. It systematically collects data regarding critical security flaws, including buffer overflows, injection flaws, and permission misconfigurations, spanning from early 2018 to the present day. By compiling these disparate reports into a unified view, the resource enables security professionals and product administrators to efficiently track vendor advisories and monitor the release cycle of security patches for GateManager. Users can also gain a deeper understanding of common weakness classes that frequently impact this specific software environment, allowing for more targeted risk assessments and remediation strategies. Furthermore, the page serves as a historical record, letting researchers look up a product's vulnerability history to identify patterns in security lapses or recurring issues over time. This centralized approach reduces the need to search across multiple independent security feeds, thereby saving valuable time during incident response and proactive security audits. The content is strictly factual, focusing on the technical details and temporal context of each disclosed issue without promotional language or subjective commentary. It aims to facilitate informed decision-making by providing clear, accessible information about the security posture of GateManager relative to known weaknesses in the industry.

Vendor: Secomea

CVE IDTitleCVSSSeverityPublished
CVE-2025-14716 Unauthorized access to information CWE-287 6.5 Medium2026-03-19
CVE-2021-32007 Missing security header: Referrer-Policy URL CWE-200 3.5 Low2024-12-13
CVE-2024-1969 Heap buffer overflow CWE-120 8.2 High2024-04-29
CVE-2024-1579 Insufficient seeding of random number generator CWE-335 8.1 High2024-04-29
CVE-2023-3675 Insufficient input validation when downloading certain file types. CWE-22 6.5 Medium2024-04-18
CVE-2023-0317 GateManager debug interface is included in non-debug builds CWE-420 4.9 Medium2023-04-19
CVE-2022-4308 Clear-text passwords in configuration files CWE-256 6.1 Medium2023-04-19
CVE-2022-2752 Potential vulnerabilities in GM login process CWE-287 5.5 Medium2022-12-09
CVE-2022-38123 Insufficient validation of plugin files CWE-20 8.7 High2022-12-06
CVE-2022-25786 GateManager debug interface is included in production builds CWE-420 4.9 Medium2022-05-04
CVE-2022-25787 GTA URLs issued by LMM WEB API may leak information CWE-598 7.5 High2022-05-04
CVE-2022-25783 Hacking attempts from logged-in users are not properly logged by GM CWE-778 4.3 Medium2022-05-04
CVE-2022-25782 Insufficient privilege checks on object access and updates. CWE-274 5.4 Medium2022-05-04
CVE-2022-25781 Reflected XSS issues in GateManager CWE-79 4.2 Medium2022-05-04
CVE-2022-25780 Information leak via device availability query function CWE-200 4.3 Medium2022-05-04
CVE-2022-25779 Insufficient scope checks allows adding unrelated audit log entries CWE-779 4.3 Medium2022-05-04
CVE-2022-25778 Unload handlers may unintentionally defeat CSRF guards CWE-352 4.2 Medium2022-05-04
CVE-2021-32009 Missing XSS guards on firmware page CWE-79 5.0 Medium2022-03-11
CVE-2021-32006 GateManager information leak for LinkManager Users CWE-275 5.0 Medium2022-03-07
CVE-2021-32008 Logged-in Administrator may get unrestricted file system access CWE-552 9.9 Critical2022-03-04
CVE-2021-32004 GateManager does not enforce strict hostname matching for WEB server CWE-923 3.7 Low2021-11-22
CVE-2020-29030 Insufficient CSRF guards CWE-352 8.1 High2021-03-05
CVE-2020-29028 Reflected XSS issues CWE-79 6.3 Medium2021-03-05
CVE-2020-29029 XSS issue due to insufficient sanitization of input field CWE-20 7.3 High2021-03-05
CVE-2020-29032 Add integrity check of GateManager firmware CWE-494 8.4 High2021-03-05
CVE-2020-29023 CSV Formula Injection possible due to improper fields escaping in GateManager CWE-116 3.5 Low2021-02-16
CVE-2020-29022 Host Header Injection allowing web cache poisoning attacks CWE-159 5.3 Medium2021-02-16
CVE-2020-29024 Missing HtppOnly and Secure flags CWE-614 5.3 Medium2021-02-16
CVE-2020-29031 Insecure Direct Object Reference in GateManager WebUI can cause privilege escalation CWE-280 7.1 High2021-02-15
CVE-2020-29026 Secomea GateManager 路径遍历漏洞 CWE-22 9.0 Critical2021-02-15

All 38 known CVE vulnerabilities affecting GateManager with full Chinese analysis, references, and POCs where available.