CVE-2021-30648

The Symantec Advanced Secure Gateway ASG and ProxySG web management consoles are susceptible to an authentication bypass vulnerability. An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance...

Broadcom ProxySG and Advanced Secure Gateway Session Hijacking Vulnerability

Broadcom Advanced Secure Gateway and ProxySG are both secure Web gateway devices from Broadcom. A session hijacking vulnerability exists in the management console in Broadcom Advanced Secure Gateway and ProxySG. A remote attacker could exploit this vulnerability to hijack the session of the...

CVE-2018-18370

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting XSS vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web...

CVE-2016-10257

The Symantec Advanced Secure Gateway ASG 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6, and ProxySG 6.7 prior to 6.7.2.1 management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in a phishing attack ...

CVE-2016-9097

The Symantec Advanced Secure Gateway ASG 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. A malicious administrator with read-only acce...