### [CVE-2016-10258](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10258)
![](https://img.shields.io/static/v1?label=Product&message=Advanced%20Secure%20Gateway%20(ASG)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=ProxySG&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=6.5%20prior%20to%206.5.10.8%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.6%20prior%20to%206.6.5.14%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.7%20prior%20to%206.7.3.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Unrestricted%20file%20upload&color=brightgreen)

### Description

Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles. A malicious appliance administrator can upload arbitrary malicious files to the management console and trick another administrator user into downloading and executing malicious code.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cvemon