Secomea — Vulnerabilities & Security Advisories 46

Browse all 46 CVE security advisories affecting Secomea. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Secomea provides remote access and monitoring solutions for industrial automation systems, enabling secure connectivity between IT networks and operational technology environments. The platform’s architecture, which facilitates external management of critical infrastructure, has historically exposed it to significant security risks, resulting in 46 recorded Common Vulnerabilities and Exposures (CVEs). These vulnerabilities predominantly involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and weak authentication mechanisms in legacy versions. Notable incidents include the exploitation of unpatched endpoints that allowed attackers to gain administrative control over connected industrial devices, highlighting the critical importance of timely patch management. While newer iterations have implemented enhanced encryption and multi-factor authentication, the historical prevalence of severe flaws underscores the persistent challenges in securing specialized industrial IoT gateways against sophisticated cyber threats targeting critical infrastructure.

Found 34 results / 46
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-14716 | Unauthorized access to information | GateManager | CWE-287 | 6.5 | Medium | 2026-03-19 |
| CVE-2021-32007 | Missing security header: Referrer-Policy URL | GateManager | CWE-200 | 3.5 | Low | 2024-12-13 |
| CVE-2024-1969 | Heap buffer overflow | GateManager | CWE-120 | 8.2 | High | 2024-04-29 |
| CVE-2024-1579 | Insufficient seeding of random number generator | GateManager | CWE-335 | 8.1 | High | 2024-04-29 |
| CVE-2023-3675 | Insufficient input validation when downloading certain file types. | GateManager | CWE-22 | 6.5 | Medium | 2024-04-18 |
| CVE-2023-0317 | GateManager debug interface is included in non-debug builds | GateManager | CWE-420 | 4.9 | Medium | 2023-04-19 |
| CVE-2022-4308 | Clear-text passwords in configuration files | GateManager | CWE-256 | 6.1 | Medium | 2023-04-19 |
| CVE-2022-2752 | Potential vulnerabilities in GM login process | GateManager | CWE-287 | 5.5 | Medium | 2022-12-09 |
| CVE-2022-38123 | Insufficient validation of plugin files | GateManager | CWE-20 | 8.7 | High | 2022-12-06 |
| CVE-2022-25786 | GateManager debug interface is included in production builds | GateManager | CWE-420 | 4.9 | Medium | 2022-05-04 |
| CVE-2022-25787 | GTA URLs issued by LMM WEB API may leak information | GateManager | CWE-598 | 7.5 | High | 2022-05-04 |
| CVE-2022-25783 | Hacking attempts from logged-in users are not properly logged by GM | GateManager | CWE-778 | 4.3 | Medium | 2022-05-04 |
| CVE-2022-25782 | Insufficient privilege checks on object access and updates. | GateManager | CWE-274 | 5.4 | Medium | 2022-05-04 |
| CVE-2022-25781 | Reflected XSS issues in GateManager | GateManager | CWE-79 | 4.2 | Medium | 2022-05-04 |
| CVE-2022-25780 | Information leak via device availability query function | GateManager | CWE-200 | 4.3 | Medium | 2022-05-04 |
| CVE-2022-25779 | Insufficient scope checks allows adding unrelated audit log entries | GateManager | CWE-779 | 4.3 | Medium | 2022-05-04 |
| CVE-2022-25778 | Unload handlers may unintentionally defeat CSRF guards | GateManager | CWE-352 | 4.2 | Medium | 2022-05-04 |
| CVE-2021-32009 | Missing XSS guards on firmware page | GateManager | CWE-79 | 5.0 | Medium | 2022-03-11 |
| CVE-2021-32006 | GateManager information leak for LinkManager Users | GateManager | CWE-275 | 5.0 | Medium | 2022-03-07 |
| CVE-2021-32008 | Logged-in Administrator may get unrestricted file system access | GateManager | CWE-552 | 9.9 | Critical | 2022-03-04 |
| CVE-2021-32004 | GateManager does not enforce strict hostname matching for WEB server | GateManager | CWE-923 | 3.7 | Low | 2021-11-22 |
| CVE-2020-29030 | Insufficient CSRF guards | GateManager | CWE-352 | 8.1 | High | 2021-03-05 |
| CVE-2020-29028 | Reflected XSS issues | GateManager | CWE-79 | 6.3 | Medium | 2021-03-05 |
| CVE-2020-29029 | XSS issue due to insufficient sanitization of input field | GateManager | CWE-20 | 7.3 | High | 2021-03-05 |
| CVE-2020-29032 | Add integrity check of GateManager firmware | GateManager | CWE-494 | 8.4 | High | 2021-03-05 |
| CVE-2020-29023 | CSV Formula Injection possible due to improper fields escaping in GateManager | GateManager | CWE-116 | 3.5 | Low | 2021-02-16 |
| CVE-2020-29022 | Host Header Injection allowing web cache poisoning attacks | GateManager | CWE-159 | 5.3 | Medium | 2021-02-16 |
| CVE-2020-29024 | Missing HttpOnly and Secure flags | GateManager | CWE-614 | 5.3 | Medium | 2021-02-16 |
| CVE-2020-29031 | Insecure Direct Object Reference in GateManager WebUI can cause privilege escalation | GateManager | CWE-280 | 7.1 | High | 2021-02-15 |
| CVE-2020-29026 | Secomea GateManager path traversal vulnerability | GateManager | CWE-22 | 9.0 | Critical | 2021-02-15 |

This page lists every published CVE security advisory associated with Secomea. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.