Secure Computing SnapGear SG560

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:h:securecomputing:snapgear_sg560:-:*:*:*:*:*:*:*

part: h version: - update: *

VendorSecurecomputing (c1408c15-dc56-5461-8b21-4b0c722078c7)
ProductSnapgear Sg560 (72c63994-a03d-503f-a0f5-61b0cdc4dcfd)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2020-36909 not_vulnerable 2026-06-08 05:25:49.811464 Secure Computing SnapGear Management Console SG560 3.1.5 Arbitrary File Read/Write
MEDIUM (6.5)
SnapGear Management Console SG560 3.1.5 contains a file manipulation vulnerability that allows authenticated users to read, write, and delete files using the edit_config_files CGI script. Attackers can manipulate POST request parameters in /cgi-bin/cgix/edit_config_files to access and modify files outside the intended /etc/config/ directory.
Published: 2026-01-06T15:52:22.155Z
Updated: 2026-01-06T19:36:07.310Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-36908 not_vulnerable 2026-06-08 05:25:49.810994 Secure Computing SnapGear Management Console SG560 3.1.5 Cross-Site Request Forgery via Admin Users
MEDIUM (5.3)
SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user account with full administrative privileges when a logged-in user visits the page.
Published: 2026-01-06T15:52:21.719Z
Updated: 2026-01-06T19:09:54.825Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.