Search
Find a vulnerability
Search criteria
22 vulnerabilities found for ismartgate_pro_firmware by gogogate
CVE-2020-13119 (GCVE-0-2020-13119)
Vulnerability from nvd – Published: 2020-09-24 15:20 – Updated: 2024-08-04 12:11
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to clickjacking.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to clickjacking."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:20:51.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to clickjacking."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13119",
"datePublished": "2020-09-24T15:20:51.000Z",
"dateReserved": "2020-05-16T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:19.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12843 (GCVE-0-2020-12843)
Vulnerability from nvd – Published: 2020-09-24 15:20 – Updated: 2024-08-04 12:04
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:23.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:20:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12843",
"datePublished": "2020-09-24T15:20:01.000Z",
"dateReserved": "2020-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:23.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12842 (GCVE-0-2020-12842)
Vulnerability from nvd – Published: 2020-09-24 15:17 – Updated: 2024-08-04 12:04
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:17:57.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12842",
"datePublished": "2020-09-24T15:17:57.000Z",
"dateReserved": "2020-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:22.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12841 (GCVE-0-2020-12841)
Vulnerability from nvd – Published: 2020-09-24 15:13 – Updated: 2024-08-04 12:04
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:13:38.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12841",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12841",
"datePublished": "2020-09-24T15:13:38.000Z",
"dateReserved": "2020-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:22.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12840 (GCVE-0-2020-12840)
Vulnerability from nvd – Published: 2020-09-24 15:14 – Updated: 2024-08-04 12:04
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:14:12.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12840",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12840",
"datePublished": "2020-09-24T15:14:13.000Z",
"dateReserved": "2020-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:22.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12839 (GCVE-0-2020-12839)
Vulnerability from nvd – Published: 2020-09-24 15:16 – Updated: 2024-08-04 12:04
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:23.015Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:16:51.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12839",
"datePublished": "2020-09-24T15:16:51.000Z",
"dateReserved": "2020-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:23.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12838 (GCVE-0-2020-12838)
Vulnerability from nvd – Published: 2020-09-24 15:18 – Updated: 2024-08-04 12:04
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:18:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12838",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12838",
"datePublished": "2020-09-24T15:18:44.000Z",
"dateReserved": "2020-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:22.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12837 (GCVE-0-2020-12837)
Vulnerability from nvd – Published: 2020-09-24 15:15 – Updated: 2024-08-04 12:04
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:15:43.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12837",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12837",
"datePublished": "2020-09-24T15:15:43.000Z",
"dateReserved": "2020-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:22.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12282 (GCVE-0-2020-12282)
Vulnerability from nvd – Published: 2020-09-24 15:10 – Updated: 2024-08-04 11:48
VLAI
EPSS
VEX
Summary
iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.)
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:48:58.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:10:45.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12282",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12282",
"datePublished": "2020-09-24T15:10:45.000Z",
"dateReserved": "2020-04-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:48:58.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12281 (GCVE-0-2020-12281)
Vulnerability from nvd – Published: 2020-09-24 15:06 – Updated: 2024-08-04 11:48
VLAI
EPSS
VEX
Summary
iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:48:58.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:06:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12281",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12281",
"datePublished": "2020-09-24T15:06:42.000Z",
"dateReserved": "2020-04-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:48:58.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12280 (GCVE-0-2020-12280)
Vulnerability from nvd – Published: 2020-09-24 15:01 – Updated: 2024-08-04 11:48
VLAI
EPSS
VEX
Summary
iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:48:58.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:01:38.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12280",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12280",
"datePublished": "2020-09-24T15:01:38.000Z",
"dateReserved": "2020-04-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:48:58.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13119 (GCVE-0-2020-13119)
Vulnerability from cvelistv5 – Published: 2020-09-24 15:20 – Updated: 2024-08-04 12:11
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to clickjacking.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to clickjacking."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:20:51.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to clickjacking."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13119",
"datePublished": "2020-09-24T15:20:51.000Z",
"dateReserved": "2020-05-16T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:19.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12843 (GCVE-0-2020-12843)
Vulnerability from cvelistv5 – Published: 2020-09-24 15:20 – Updated: 2024-08-04 12:04
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:23.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:20:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12843",
"datePublished": "2020-09-24T15:20:01.000Z",
"dateReserved": "2020-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:23.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12838 (GCVE-0-2020-12838)
Vulnerability from cvelistv5 – Published: 2020-09-24 15:18 – Updated: 2024-08-04 12:04
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:18:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12838",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12838",
"datePublished": "2020-09-24T15:18:44.000Z",
"dateReserved": "2020-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:22.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12842 (GCVE-0-2020-12842)
Vulnerability from cvelistv5 – Published: 2020-09-24 15:17 – Updated: 2024-08-04 12:04
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:17:57.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12842",
"datePublished": "2020-09-24T15:17:57.000Z",
"dateReserved": "2020-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:22.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12839 (GCVE-0-2020-12839)
Vulnerability from cvelistv5 – Published: 2020-09-24 15:16 – Updated: 2024-08-04 12:04
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:23.015Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:16:51.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12839",
"datePublished": "2020-09-24T15:16:51.000Z",
"dateReserved": "2020-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:23.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12837 (GCVE-0-2020-12837)
Vulnerability from cvelistv5 – Published: 2020-09-24 15:15 – Updated: 2024-08-04 12:04
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:15:43.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12837",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12837",
"datePublished": "2020-09-24T15:15:43.000Z",
"dateReserved": "2020-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:22.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12840 (GCVE-0-2020-12840)
Vulnerability from cvelistv5 – Published: 2020-09-24 15:14 – Updated: 2024-08-04 12:04
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:14:12.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12840",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12840",
"datePublished": "2020-09-24T15:14:13.000Z",
"dateReserved": "2020-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:22.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12841 (GCVE-0-2020-12841)
Vulnerability from cvelistv5 – Published: 2020-09-24 15:13 – Updated: 2024-08-04 12:04
VLAI
EPSS
VEX
Summary
ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:13:38.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12841",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12841",
"datePublished": "2020-09-24T15:13:38.000Z",
"dateReserved": "2020-05-13T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:04:22.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12282 (GCVE-0-2020-12282)
Vulnerability from cvelistv5 – Published: 2020-09-24 15:10 – Updated: 2024-08-04 11:48
VLAI
EPSS
VEX
Summary
iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.)
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:48:58.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:10:45.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12282",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12282",
"datePublished": "2020-09-24T15:10:45.000Z",
"dateReserved": "2020-04-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:48:58.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12281 (GCVE-0-2020-12281)
Vulnerability from cvelistv5 – Published: 2020-09-24 15:06 – Updated: 2024-08-04 11:48
VLAI
EPSS
VEX
Summary
iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:48:58.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:06:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12281",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12281",
"datePublished": "2020-09-24T15:06:42.000Z",
"dateReserved": "2020-04-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:48:58.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12280 (GCVE-0-2020-12280)
Vulnerability from cvelistv5 – Published: 2020-09-24 15:01 – Updated: 2024-08-04 11:48
VLAI
EPSS
VEX
Summary
iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ismartgate.com/secure-garage-door/ | x_refsource_MISC |
| https://kth.diva-portal.org/smash/get/diva2:14644… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:48:58.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T15:01:38.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12280",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ismartgate.com/secure-garage-door/",
"refsource": "MISC",
"url": "https://ismartgate.com/secure-garage-door/"
},
{
"name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf",
"refsource": "MISC",
"url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12280",
"datePublished": "2020-09-24T15:01:38.000Z",
"dateReserved": "2020-04-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T11:48:58.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}