Arbitrary File Upload Vulnerability in Symantec Advanced Secure Gateway (ASG) and ProxySG Management Consoles

CVE-2016-10258 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:P

Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and executing malicious code.

Learn more about our User Device Pen Test.