Описание
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-7285
- http://karmainsecurity.com/KIS-2014-19
- http://osvdb.org/show/osvdb/116009
- http://packetstormsecurity.com/files/130612/Symantec-Web-Gateway-5-restore.php-Command-Injection.html
- http://www.exploit-db.com/exploits/36263
- http://www.securityfocus.com/bid/71620
- http://www.securitytracker.com/id/1031386
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20141216_00
Связанные уязвимости
nvd
около 11 лет назад
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.