CVE-2012-0297
Symantec Web Gateway Shell Command Injection Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
4Exploited in Wild
-Decision
Descriptions
The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.
La interfaz de gestión en Symantec Web Gateway v5.0.x anteriores a v5.0.3 no restringe adecuadamente el acceso a los scripts de aplicaciones, lo que permite a atacantes remotos ejecutar código de su elección mediante (1) inyección de datos manipulados o (2) inclusión de datos manipulados.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability.
The specific flaw exists due to insufficiently filtered user-supplied data used in a call to exec() in multiple script pages. The affected scripts are located in '/spywall/ipchange.php' and 'network.php'. There is also a flaw in '/spywall/download_file.php' that allows unauthenticated users to download and delete any file on the server.
Symantec Web Gateway version 5.0.2.8 suffers from local file inclusion, remote command execution, and arbitrary file deletion vulnerabilities.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-01-04 CVE Reserved
- 2012-05-21 CVE Published
- 2012-05-26 First Exploit
- 2024-08-06 CVE Updated
- 2024-09-27 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/53444 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/75731 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/18942 | 2012-05-28 | |
https://www.exploit-db.com/exploits/19406 | 2012-06-27 | |
https://www.exploit-db.com/exploits/18932 | 2012-05-26 | |
https://www.exploit-db.com/exploits/19065 | 2012-06-12 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Symantec Search vendor "Symantec" | Web Gateway Search vendor "Symantec" for product "Web Gateway" | 5.0 Search vendor "Symantec" for product "Web Gateway" and version "5.0" | - |
Affected
| ||||||
Symantec Search vendor "Symantec" | Web Gateway Search vendor "Symantec" for product "Web Gateway" | 5.0.1 Search vendor "Symantec" for product "Web Gateway" and version "5.0.1" | - |
Affected
| ||||||
Symantec Search vendor "Symantec" | Web Gateway Search vendor "Symantec" for product "Web Gateway" | 5.0.2 Search vendor "Symantec" for product "Web Gateway" and version "5.0.2" | - |
Affected
|