Vulnerability Details : CVE-2014-7285
Public exploit exists!
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.
Exploit prediction scoring system (EPSS) score for CVE-2014-7285
47.94%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2014-7285
-
Symantec Web Gateway 5 restore.php Post Authentication Command Injection
Disclosure Date: 2014-12-16First seen: 2020-04-26exploit/linux/http/symantec_web_gateway_restoreThis module exploits a command injection vulnerability found in Symantec Web Gateway's setting restoration feature. The filename portion can be used to inject system commands into a syscall function, and gain control under the context of HTTP service. For
CVSS scores for CVE-2014-7285
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
CWE ids for CVE-2014-7285
-
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-7285
-
http://www.securityfocus.com/bid/71620
Symantec Web Gateway CVE-2014-7285 Command Injection Vulnerability
-
http://www.securitytracker.com/id/1031386
Symantec Web Gateway Lets Remote Authenticated Users Execute Arbitrary Commands - SecurityTracker
-
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20141216_00
Symantec Web Gateway OS Authenticated Command InjectionVendor Advisory
-
http://karmainsecurity.com/KIS-2014-19
Symantec Web Gateway <= 5.2.1 (restore.php) OS Command Injection Vulnerability | Karma(In)Security
-
http://packetstormsecurity.com/files/130612/Symantec-Web-Gateway-5-restore.php-Command-Injection.html
Symantec Web Gateway 5 restore.php Command Injection ≈ Packet Storm
-
http://www.exploit-db.com/exploits/36263
Symantec Web Gateway 5 - 'restore.php' (Authenticated) Command Injection (Metasploit) - Linux remote Exploit
Products affected by CVE-2014-7285
- cpe:2.3:a:symantec:web_gateway:*:*:*:*:*:*:*:*