Vulnerability Details : CVE-2012-0297
Public exploit exists!
The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2012-0297
Probability of exploitation activity in the next 30 days: 97.35%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2012-0297
-
Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability
Disclosure Date: 2012-05-17First seen: 2020-04-26exploit/linux/http/symantec_web_gateway_lfiThis module exploits a vulnerability found in Symantec Web Gateway's HTTP service. By injecting PHP code in the access log, it is possible to load it with a directory traversal flaw, which allows remote code execution under the context of 'apache'. Please note tha -
Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection
Disclosure Date: 2012-05-17First seen: 2020-04-26exploit/linux/http/symantec_web_gateway_execThis module exploits a command injection vulnerability found in Symantec Web Gateway's HTTP service due to the insecure usage of the exec() function. This module abuses the spywall/ipchange.php file to execute arbitrary OS commands without authentication. Au
CVSS scores for CVE-2012-0297
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2012-0297
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-0297
-
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00
Symantec Web Gateway Multiple Security IssuesVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/75731
Symantec Web Gateway file include CVE-2012-0297 Vulnerability Report
-
http://www.securityfocus.com/bid/53444
Symantec Web Gateway Remote Shell Command Execution Vulnerability
Products affected by CVE-2012-0297
- cpe:2.3:a:symantec:web_gateway:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:web_gateway:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:web_gateway:5.0.2:*:*:*:*:*:*:*