Lucene search
K

11 matches found

Check Point Advisories
Check Point Advisories
added 2015/03/25 12:0 a.m.2 views

Symantec Web Gateway OS Command Injection (CVE-2014-7285; CVE-2016-5313)

A remote command execution vulnerability has been reported in Symantec Web Gateway. The vulnerability is due to improper input validation. A remote attacker can exploit this issue by sending a malicious HTTP request containing a specially crafted parameter to the target server...

9CVSS8.4AI score0.50324EPSS
Exploits10
Circl
Circl
added 2015/03/04 12:0 a.m.11 views

CVE-2014-7285

creationtimestamp| type| source ---|---|--- 2015-03-04 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36263 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/symantecwebgatewayrestore.rb 2025-02-06 03:13:42+00:0...

6.5CVSS7.3AI score0.50324EPSS
Exploits6References2
Packet Storm
Packet Storm
added 2015/03/03 12:0 a.m.54 views

Symantec Web Gateway 5 restore.php Command Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Symantec Web Gateway 5 restore.php Post Authentication Command Injection", 'Description' = %q This module exploits a command injecti...

6.5CVSS0.1AI score0.50324EPSS
Exploits6
securityvulns
securityvulns
added 2015/01/02 12:0 a.m.121 views

[KIS-2014-19] Symantec Web Gateway <= 5.2.1 (restore.php) OS Command Injection Vulnerability

------------------------------------------------------------------------------ Symantec Web Gateway = 5.2.1 restore.php OS Command Injection Vulnerability ------------------------------------------------------------------------------ - Software Link: http://www.symantec.com/web-gateway/ - Affecte...

6.5CVSS0.7AI score0.50324EPSS
Exploits6
0day.today
0day.today
added 2015/01/01 12:0 a.m.42 views

Symantec Web Gateway 5.2.1 OS Command Injection Vilnerability

Symantec Web Gateway versions 5.2.1 and below suffer from a remote OS command injection vulnerability. ------------------------------------------------------------------------------ Symantec Web Gateway = 5.2.1 restore.php OS Command Injection Vulnerability...

6.5CVSS9AI score0.50324EPSS
Exploits6
Packet Storm
Packet Storm
added 2014/12/31 12:0 a.m.45 views

Symantec Web Gateway 5.2.1 OS Command Injection

------------------------------------------------------------------------------ Symantec Web Gateway = 5.2.1 restore.php OS Command Injection Vulnerability ------------------------------------------------------------------------------ - Software Link: http://www.symantec.com/web-gateway/ - Affecte...

6.5CVSS0.5AI score0.50324EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2014/12/19 12:0 a.m.29 views

Symantec Web Gateway < 5.2.2 Authenticated OS Command Injection (SYM14-016)

According to its self-reported version number, the remote web server is hosting a version of Symantec Web Gateway prior to version 5.2.2. It is, therefore, affected by a operating system OS command injection vulnerability in an unspecified PHP script which impacts the management console. A remote...

6.5CVSS8.4AI score0.50324EPSS
Exploits6References3
OpenVAS
OpenVAS
added 2014/12/18 12:0 a.m.34 views

Symantec Web Gateway < 5.2.2 Command Injection Vulnerability

Symantec Web Gateway is prone to a command injection vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.5CVSS8.7AI score0.50324EPSS
Exploits6References2
CVE
CVE
added 2014/12/17 4:0 p.m.63 views

CVE-2014-7285

CVE-2014-7285 affects Symantec Web Gateway (SWG) appliances running versions prior to 5.2.2. The vulnerability is an authenticated OS command injection in the management console, due to improper input validation in PHP scripts (notably potentially in restore-related functionality). An authenticat...

6.5CVSS8.8AI score0.50324EPSS
Exploits6References7Affected Software1
Cvelist
Cvelist
added 2014/12/17 4:0 p.m.34 views

CVE-2014-7285

The management console on the Symantec Web Gateway SWG appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts...

7.3AI score0.50324EPSS
Exploits6References7
Symantec
Symantec
added 2014/12/16 8:0 a.m.29 views

Symantec Web Gateway OS Authenticated Command Injection

SUMMARY Symantec's Web Gateway SWG Appliance management console is susceptible to operating system command injection by an authenticated but less-privileged user. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec Web Gateway Appliance | 5.2.1 and prior | Symantec Web Gateway 5.2...

6.5CVSS0.4AI score0.50324EPSS
Exploits6Affected Software1
Rows per page
Query Builder