Vulnerabilities > Antlabs
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-07-07 | CVE-2015-2850 | Cross-site Scripting vulnerability in Antlabs products Cross-site scripting (XSS) vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 4.3 |
2015-07-07 | CVE-2015-2849 | SQL Injection vulnerability in Antlabs products SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices, when https is used, allows remote attackers to execute arbitrary SQL commands via the ppli parameter. | 7.5 |
2015-04-05 | CVE-2015-0932 | Permissions, Privileges, and Access Controls vulnerability in Antlabs products The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote attackers to read or write to arbitrary files via TCP traffic on port 873. | 10.0 |