16 matches found
CVE-2021-30648
The Symantec Advanced Secure Gateway ASG and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance...
The vulnerability in the software for network monitoring and IT infrastructure management consoles of the SolarWinds Platform allows a hacker to perform cross-site scripting attacks.
The vulnerability of the software for network monitoring and IT infrastructure management solutions developed by SolarWinds exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attack...
Logitec LAN 安全漏洞
Logitec LAN is a series of routers from Logitec, a Swiss company. A security vulnerability exists in Logitec LAN that stems from the presence of a hidden functionality vulnerability that could allow an unauthenticated attacker to log in to certain management consoles of the product and execute...
Logitec LAN Security Vulnerability
Logitec LAN is a series of routers from Logitech Switzerland. A security vulnerability exists in the Logitec LAN-W300N/PR5 and LAN-W300N/RS, which originates from the ability of an unauthenticated attacker to log in to certain management consoles of the product and execute arbitrary operating...
CVE-2020-8602
A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution...
Design/Logic Flaw
A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution...
CVE-2019-18375
The vulnerability CVE-2019-18375 affects Broadcom ASG (Advanced Secure Gateway) and ProxySG management consoles. A remote attacker with access to the appliance management interface can hijack an active session and access the management console with the hijacked user’s privileges. Impact is sessio...
Symantec Advanced Secure Gateway and ProxySG Arbitrary File Upload Vulnerability
Symantec Advanced Secure Gateway ASG and ProxySG are both security gateway appliances from Symantec USA. An arbitrary file upload vulnerability exists in Symantec ASG and ProxySG management consoles. An attacker could exploit this vulnerability to upload arbitrary malicious files to the managemen...
CVE-2017-13678
Stored XSS vulnerability in the Symantec Advanced Secure Gateway ASG and ProxySG management consoles. A malicious appliance administrator can inject arbitrary JavaScript code in the management console web client application...
Cross site scripting
Stored XSS vulnerability in the Symantec Advanced Secure Gateway ASG and ProxySG management consoles. A malicious appliance administrator can inject arbitrary JavaScript code in the management console web client application...
CVE-2017-13677
Denial-of-service DoS vulnerability in the Symantec Advanced Secure Gateway ASG and ProxySG management consoles. A remote attacker can use crafted HTTP/HTTPS requests to cause denial-of-service through management console application crashes...
CVE-2016-10258
Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway ASG and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and executing malicious code...
SA162: Multiple ASG and ProxySG Vulnerabilities
SUMMARY The Symantec ASG and ProxySG management consoles are susceptible to several vulnerabilities. A remote attacker, with access to the management console, can cause denial of service through management console application crashes. A malicious appliance administrator can also inject arbitrary...
CVE-2016-9097
The Symantec Advanced Secure Gateway ASG 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only acce...
Bluecoat ASG 6.6CAS 1.3 - Local Privilege Escalation (Metasploit)
Bluecoat ASG 6.6CAS 1.3 - Local Privilege Escalation Metasploit Exploit Title: OS Command Injection Vulnerability in BlueCoat ASG and CAS Date: April 3, 2017 Exploit Authors: Chris Hebert, Peter Paccione and Corey Boyd Contact: chrisdhebertatgmail.com Vendor Security Advisory:...
Symantec Workspace Streaming/Workspace Virtualization Path Traversal Vulnerability
Symantec Workspace Streaming enables on-demand application setup, real-time software license management, and instant application upgrades.Symantec Workspace Virtualization enables application virtualization, which reduces application conflicts, lowers testing requirements, and reduces support...