Liftoffsoftware Gateone — known CVE vulnerabilities
Every CVE whose affected-product data names Liftoffsoftware Gateone, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-20184 — CVSS 9.8 (critical): GateOne allows remote attackers to execute arbitrary commands via shell metacharacters in the port field when attempting an SSH connection.
CVE-2020-35736 — CVSS 7.5 (high): GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join is misused.