GCVE - cpe:2.3:o:securecomputing:snapgear_sg560

Approved changes feed: RSS · Atom

cpe:2.3:o:securecomputing:snapgear_sg560_firmware:3.1.5:*:*:*:*:*:*:*

part: o version: 3.1.5 update: *

Vendor	Securecomputing (`c1408c15-dc56-5461-8b21-4b0c722078c7`)
Product	Snapgear Sg560 Firmware (`c14b6d2d-3b06-5f5d-b52f-f906b918cbc7`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-36909`	vulnerable	2026-06-08 05:25:49.811442	Secure Computing SnapGear Management Console SG560 3.1.5 Arbitrary File Read/Write MEDIUM (6.5) SnapGear Management Console SG560 3.1.5 contains a file manipulation vulnerability that allows authenticated users to read, write, and delete files using the edit_config_files CGI script. Attackers can manipulate POST request parameters in /cgi-bin/cgix/edit_config_files to access and modify files outside the intended /etc/config/ directory. Published: 2026-01-06T15:52:22.155Z Updated: 2026-01-06T19:36:07.310Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/48556 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5568.php https://packetstorm.news/files/id/157939 https://exchange.xforce.ibmcloud.com/vulnerabilities/182960 https://www.vulncheck.com/advisories/secure-computing-snapgear-management-console-sg-arbitrary-file-readwrite	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-36908`	vulnerable	2026-06-08 05:25:49.810075	Secure Computing SnapGear Management Console SG560 3.1.5 Cross-Site Request Forgery via Admin Users MEDIUM (5.3) SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user account with full administrative privileges when a logged-in user visits the page. Published: 2026-01-06T15:52:21.719Z Updated: 2026-01-06T19:09:54.825Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/48554 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5567.php https://packetstorm.news/files/id/157937 https://exchange.xforce.ibmcloud.com/vulnerabilities/182969 https://www.vulncheck.com/advisories/secure-computing-snapgear-management-console-sg-cross-site-request-forgery-via-admin-users	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Snapgear Sg560 Firmware

PURL mappings

Vulnerability references

Contribute