Unrated severityNVD Advisory· Published Dec 17, 2014· Updated Jun 17, 2026
CVE-2014-7285
CVE-2014-7285
Description
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:symantec:web_gateway:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:symantec:web_gateway:*:*:*:*:*:*:*:*range: <=5.2.1
- (no CPE)range: <5.2.2
Patches
Vulnerability mechanics
References
7- www.symantec.com/security_response/securityupdates/detail.jspnvdVendor Advisory
- karmainsecurity.com/KIS-2014-19nvd
- osvdb.org/show/osvdb/116009nvd
- packetstormsecurity.com/files/130612/Symantec-Web-Gateway-5-restore.php-Command-Injection.htmlnvd
- www.exploit-db.com/exploits/36263nvd
- www.securityfocus.com/bid/71620nvd
- www.securitytracker.com/id/1031386nvd
News mentions
0No linked articles in our index yet.