[FD] [CVE-2023-22620] SecurePoint UTM <= 12.2.5 “spcgi.cgi” sessionId Information Disclosure Allowing Device Takeover

2023-04-18 Julien Ahrens (RCE Security)
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION === Product: SecurePoint UTM Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn Type: Exposure of Sensitive Information to an Unauthorized Actor [CWE-200] Date fou

[FD] [CVE-2023-22897] SecurePoint UTM <= 12.2.5 “spcgi.cgi” Remote Memory Contents Information Disclosure

2023-04-18 Julien Ahrens (RCE Security)
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION === Product: SecurePoint UTM Vendor URL: https://www.securepoint.de/en/for-companies/firewall-vpn Type: Use of Uninitialized Variable [CWE-457] Date found: 2023-01-05 Date publis