Description
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to (1) read or (2) delete arbitrary files via unspecified vectors.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by S2 Crew · textwebappslinux
https://www.exploit-db.com/exploits/19406
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/75732
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53442
Scores
EPSS
0.0437
EPSS Percentile
89.0%
Details
CWE
CWE-264
Status
published
Products (3)
symantec/web_gateway
5.0
symantec/web_gateway
5.0.1
symantec/web_gateway
5.0.2
Published
May 21, 2012
Tracked Since
Feb 18, 2026