Lucene search
K

5 matches found

CVE
CVE
added 2017/04/12 10:0 p.m.48 views

CVE-2016-5313

Symantec Web Gateway (SWG) is affected by CVE-2016-5313: before version 5.2.5, the management console contains a flaw in the web interface (notably the /spywall/new_whitelist.php script) that allows remote authenticated users to execute arbitrary OS commands due to improper whitelist validation. ...

9CVSS8.6AI score0.04605EPSS
Exploits4References5Affected Software1
0day.today
0day.today
added 2016/10/07 12:0 a.m.49 views

Symantec Web Gateway 5.2.2 OS Command Injection Vulnerability

Symantec Web Gateway versions 5.2.2 and below suffer from an OS command injection vulnerability in newwhitelist.php. ------------------------------------------------------------------------------------ Symantec Web Gateway = 5.2.2 newwhitelist.php OS Command Injection Vulnerability...

9CVSS9.1AI score0.04605EPSS
Exploits4
Packet Storm
Packet Storm
added 2016/10/06 12:0 a.m.41 views

Symantec Web Gateway 5.2.2 OS Command Injection

------------------------------------------------------------------------------------ Symantec Web Gateway = 5.2.2 newwhitelist.php OS Command Injection Vulnerability ------------------------------------------------------------------------------------ - Software Link: https://www.symantec.com/ -...

0.2AI score0.04605EPSS
Exploits4
Symantec
Symantec
added 2016/10/05 8:0 a.m.25 views

Symantec Web Gateway Management Console Interface Command Injection

SUMMARY Symantec has released an update to address a Symantec Web Gateway SWG Management Console Interface command injection issue bypassing validation restrictions to add an unauthorized whitelist entry. AFFECTED PRODUCTS Symantec Web Gateway SWG --- CVE | Affected Versions | Remediation...

9CVSS1.5AI score0.04605EPSS
Exploits4Affected Software1
Check Point Advisories
Check Point Advisories
added 2015/03/25 12:0 a.m.2 views

Symantec Web Gateway OS Command Injection (CVE-2014-7285; CVE-2016-5313)

A remote command execution vulnerability has been reported in Symantec Web Gateway. The vulnerability is due to improper input validation. A remote attacker can exploit this issue by sending a malicious HTTP request containing a specially crafted parameter to the target server...

9CVSS8.4AI score0.50324EPSS
Exploits10
Rows per page
Query Builder