CISA has published an advisory on the following vulnerabilities in Secomea GateManager: improper neutralization of null byte or NUL character, off-by-one error, use of hard-coded credentials, and use of password hash with insufficient computational effort. All versions prior to 9.2c are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to gain remote code execution on the device. Secomea has released a new version to mitigate the reported vulnerabilities. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.