Vulnerabilities > Antlabs

DATE	CVE	VULNERABILITY TITLE	RISK
2015-07-07	CVE-2015-2850	Cross-site Scripting vulnerability in Antlabs products Cross-site scripting (XSS) vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers to inject arbitrary web script or HTML via the msg parameter. network antlabs CWE-79	4.3
2015-07-07	CVE-2015-2849	SQL Injection vulnerability in Antlabs products SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices, when https is used, allows remote attackers to execute arbitrary SQL commands via the ppli parameter. network low complexity antlabs CWE-89	7.5
2015-04-05	CVE-2015-0932	Permissions, Privileges, and Access Controls vulnerability in Antlabs products The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote attackers to read or write to arbitrary files via TCP traffic on port 873. network low complexity antlabs CWE-264 critical	10.0

Vulnerabilities > Antlabs {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Antlabs"}]}