Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2013-1616

CWE-78OS Command Injection4 documents4 sources
Severity
8.3HIGH
EPSS
15.7%
top 5.30%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Symantec WEB Gateway
Timeline
PublishedAug 1
Latest updateMay 17

Description

The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote attackers to execute arbitrary commands by injecting a command into an application script.

CVSS vector

AV:A/AC:L/C:C/I:C/A:CExploitability: 6.5 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-h6vj-hgf8-4cf9: The management console on the Symantec Web Gateway (SWG) appliance before 52022-05-17
CVEList
CVE-2013-1616: The management console on the Symantec Web Gateway (SWG) appliance before 52013-07-31

💥Exploits & PoCs

1
Exploit-DB
Symantec Web Gateway 5.1.0.x - Multiple Vulnerabilities2013-07-27
CVE-2013-1616 (HIGH CVSS 8.3) | The management console on the Syman | cvebase.io