Vulnerability Details : CVE-2017-6326
Public exploit exists!
The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process.
Vulnerability category: Execute code
Products affected by CVE-2017-6326
- cpe:2.3:a:symantec:messaging_gateway:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-6326
36.17%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2017-6326
-
Symantec Messaging Gateway Remote Code Execution
Disclosure Date: 2017-04-26First seen: 2020-04-26exploit/linux/http/symantec_messaging_gateway_execThis module exploits the command injection vulnerability of Symantec Messaging Gateway product. An authenticated user can execute a terminal command under the context of the web server user which is root. backupNow.do endpoint takes several user inputs and then pass them to
CVSS scores for CVE-2017-6326
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST | |
10.0
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
3.9
|
6.0
|
NIST |
References for CVE-2017-6326
-
http://www.securityfocus.com/bid/98893
Symantec Messaging Gateway CVE-2017-6326 Remote Code Execution VulnerabilityThird Party Advisory;VDB Entry
-
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170621_00
Symantec Messaging Gateway Multiple VulnerabilitiesMitigation;Vendor Advisory
-
https://www.exploit-db.com/exploits/42251/
Symantec Messaging Gateway 10.6.2-7 - Remote Code Execution (Metasploit)
-
http://www.securitytracker.com/id/1038785
Symantec Messaging Gateway Multiple Flaws Let Remote Users Bypass Security Restrictions and Execute Arbitrary Code - SecurityTracker
Jump to