5 matches found
CVE-2016-5313
Symantec Web Gateway (SWG) is affected by CVE-2016-5313: before version 5.2.5, the management console contains a flaw in the web interface (notably the /spywall/new_whitelist.php script) that allows remote authenticated users to execute arbitrary OS commands due to improper whitelist validation. ...
Symantec Web Gateway 5.2.2 OS Command Injection Vulnerability
Symantec Web Gateway versions 5.2.2 and below suffer from an OS command injection vulnerability in newwhitelist.php. ------------------------------------------------------------------------------------ Symantec Web Gateway = 5.2.2 newwhitelist.php OS Command Injection Vulnerability...
Symantec Web Gateway 5.2.2 OS Command Injection
------------------------------------------------------------------------------------ Symantec Web Gateway = 5.2.2 newwhitelist.php OS Command Injection Vulnerability ------------------------------------------------------------------------------------ - Software Link: https://www.symantec.com/ -...
Symantec Web Gateway Management Console Interface Command Injection
SUMMARY Symantec has released an update to address a Symantec Web Gateway SWG Management Console Interface command injection issue bypassing validation restrictions to add an unauthorized whitelist entry. AFFECTED PRODUCTS Symantec Web Gateway SWG --- CVE | Affected Versions | Remediation...
Symantec Web Gateway OS Command Injection (CVE-2014-7285; CVE-2016-5313)
A remote command execution vulnerability has been reported in Symantec Web Gateway. The vulnerability is due to improper input validation. A remote attacker can exploit this issue by sending a malicious HTTP request containing a specially crafted parameter to the target server...