Shodan
Vulnerabilities
Vulnerable Software
Symantec:  >> Web Gateway  >> 5.0.3.18  Security Vulnerabilities
CVE-2016-5313
Symantec Web Gateway (SWG) before 5.2.5 allows remote authenticated users to execute arbitrary OS commands.
CVSS Score
8.8
EPSS Score
0.258
Published
2017-04-12
CVE-2015-6548
Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
5.8
EPSS Score
0.014
Published
2015-09-20
CVE-2015-6547
The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands at boot time via unspecified vectors.
CVSS Score
8.3
EPSS Score
0.013
Published
2015-09-20
CVE-2015-5693
The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands via vectors related to "traffic capture."
CVSS Score
7.9
EPSS Score
0.014
Published
2015-09-20
CVE-2015-5692
admin_messages.php in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary code by uploading a file with a safe extension and content type, and then leveraging an improper Sudo configuration to make this a setuid-root file.
CVSS Score
7.9
EPSS Score
0.07
Published
2015-09-20
CVE-2015-5691
Multiple cross-site scripting (XSS) vulnerabilities in PHP scripts in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as demonstrated an attack against admin_messages.php.
CVSS Score
4.3
EPSS Score
0.014
Published
2015-09-20
CVE-2015-5690
The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging a "redirect."
CVSS Score
8.5
EPSS Score
0.003
Published
2015-09-20
CVE-2014-7285
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.
CVSS Score
6.5
EPSS Score
0.706
Published
2014-12-17
CVE-2013-5017
SNMPConfig.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote attackers to execute arbitrary commands via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.25
Published
2014-06-18
CVE-2014-1650
SQL injection vulnerability in user.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
5.2
EPSS Score
0.007
Published
2014-06-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved