Published: 23/07/2012 Updated: 22/12/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

The management console in Symantec Web Gateway 5.0.x prior to 5.0.3.18 allows remote malicious users to execute arbitrary commands via crafted input to application scripts.

Vulnerable Product	Search on Vulmon	Subscribe to Product
symantec web gateway 5.0.1
symantec web gateway 5.0
symantec web gateway 5.0.2
symantec web gateway 5.0.3

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking ...

#!/usr/bin/python import urllib import sys ''' print "[*] ##############################################################" print "[*] Symantec Web Gateway 50318 pbcontrolphp ROOT RCE Exploit" print "[*] Offensive Security - wwwoffensive-securitycom" print "[*] ##############################################################\n" # 06 Jun ...

CWE-78 http://www.securityfocus.com/bid/54426 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00 http://www.kb.cert.org/vuls/id/108471 https://nvd.nist.gov https://www.exploit-db.com/exploits/20113/https://www.kb.cert.org/vuls/id/108471

CVE-2012-2953

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect