CVEs-PoC/2020/CVE-2020-7294.md

### [CVE-2020-7294](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7294)
![](https://img.shields.io/static/v1?label=Product&message=McAfee%20Web%20Gateway%20(MWG)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%209.2.1%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-287%3A%20Improper%20Authentication&color=brighgreen)

### Description

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to delete or download protected files via improper access controls in the REST interface.

### POC

#### Reference
- https://kc.mcafee.com/corporate/index?page=content&id=SB10323

#### Github
No PoCs found on GitHub currently.