{"vulnerability": "CVE-2020-2903", "sightings": [{"uuid": "629439e2-2174-429a-b7c8-b9334b5c49b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29032", "type": "seen", "source": "https://t.me/cibsecurity/24546", "content": "\u203c CVE-2020-29032 \u203c\n\nUpload of Code Without Integrity Check vulnerability in firmware archive of Secomea GateManager allows authenticated attacker to execute malicious code on server. This issue affects: Secomea GateManager all versions prior to 9.4.621054022\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-05T20:48:01.000000Z"}, {"uuid": "1d6a8ace-ada4-468e-b798-11885ea5debe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29031", "type": "seen", "source": "https://t.me/cibsecurity/23599", "content": "\u203c CVE-2020-29031 \u203c\n\nAn Insecure Direct Object Reference vulnerability exists in the web UI of the GateManager which allows an authenticated attacker to reset the password of any user in its domain or any sub-domain, via escalation of privileges. This issue affects all GateManager versions prior to 9.2c\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-15T18:46:44.000000Z"}]}