CVE-2012-0297 Symantec Web Gateway Vulnerability

🗓️ 21 May 2012 00:00:00Reported by AttackerKBType

Symantec Web Gateway 5.0.x before 5.0.3 allows remote code execution by injecting or including crafted data in the management GUI

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 35
Dsquare	Symantec Web Gateway 5.0.2 RCE	9 Jun 201200:00	–	dsquare
Dsquare	Symantec Web Gateway 5.0.2 LFI	9 Jun 201200:00	–	dsquare
Saint	Symantec Web Gateway access_log PHP Injection	11 Jun 201200:00	–	saint
Saint	Symantec Web Gateway access_log PHP Injection	11 Jun 201200:00	–	saint
Saint	Symantec Web Gateway access_log PHP Injection	11 Jun 201200:00	–	saint
Saint	Symantec Web Gateway access_log PHP Injection	11 Jun 201200:00	–	saint
Metasploit	Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection	10 Jun 201220:38	–	metasploit
Metasploit	Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability	28 May 201203:47	–	metasploit
Packet Storm	Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection	11 Jun 201200:00	–	packetstorm
Packet Storm	Symantec Web Gateway 5.0.2.8 Command Execution	28 May 201200:00	–	packetstorm

Source	Link
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
symantec	www.symantec.com/security_response/securityupdates/detail.jsp
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-12-090
github	www.github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/symantec_web_gateway_exec.rb
securityfocus	www.securityfocus.com/bid/53444

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 May 2012 00:00Current

2.5Low risk

Vulners AI Score2.5

EPSS0.89461