CVE-2014-3439

Symantec Endpoint Protection Manager <12.1 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-3439. PoCs published by SEC Consult.

AI-analyzed exploit summary: The exploit demonstrates multiple vulnerabilities in Symantec Endpoint Protection, including XXE for file disclosure and SSRF, XSS for session hijacking, and arbitrary file write/overwrite for DoS or potential code execution. The PoC includes detailed steps and code snippets for each vulnerability.

Description

ConsoleServlet in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to write to arbitrary files via unspecified vectors.

Exploits (1)

exploitdb WORKING POC
by SEC Consult · text · webapps · jsp
https://www.exploit-db.com/exploits/35181

Classification: Working PoC 100%
Attack Type: XXE | XSS | DoS | Info Leak | SSRF
Complexity: Moderate
Reliability: Reliable
Target: Symantec Endpoint Protection 12.1.4023.4080
No auth needed
Prerequisites: Network access to the target · Ability to intercept/modify traffic (for XXE) · Ability to send crafted HTTP requests
devstral-2 · analyzed Feb 16, 2026

References (6)

Core References
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Nov/7
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/70845
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/98527
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/533918/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1031176

Scores

EPSS 0.0584
EPSS Percentile 92.2%

Details

Status published
Products (5)
symantec/endpoint_protection_manager 12.1.0
symantec/endpoint_protection_manager 12.1.1
symantec/endpoint_protection_manager 12.1.2
symantec/endpoint_protection_manager 12.1.3
symantec/endpoint_protection_manager < 12.1.4
Published Nov 07, 2014
Tracked Since Feb 18, 2026