Full title: Symantec Endpoint Protection Manager Remote Command Execution 
Category: remote exploits
Platform: windows
This Metasploit module exploits XXE and SQL injection flaws in Symantec Endpoint Protection Manager versions 11.0, 12.0 and 12.1. When supplying a specially crafted XXE request an attacker can reach SQL injection affected components. As xp_cmdshell is enabled in the included database instance, it's possible to execute arbitrary system commands on the remote system with SYSTEM privileges.

# 0day.today @ http://0day.today/