GateOne Arbitrary File Download Vulnerability CVE-2020-35736 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

10

GateOne Arbitrary File Download Vulnerability CVE-2020-35736 Scanner Detail

There is an unauthenticated file download vulnerability in GateOne.

GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join is misused.

Some Advice for Common Problems

You have to update to latest version.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service