Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2015-0932

Published: 05/04/2015 Updated: 15/04/2015
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Antlabs

Vulnerability Summary

The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote malicious users to read or write to arbitrary files via TCP traffic on port 873.

Vulnerable Product Search on Vulmon Subscribe to Product

antlabs inngate ig 3.02 e

antlabs inngate ig 3.10 e

antlabs inngate ig 3.10 g

antlabs inngate ig 3101

antlabs inngate ig 3.01 e

antlabs inngate ig 3100

antlabs inngate ig 3.00 e

Recent Articles

Hotel Wi-Fi not only hideously expensive – it's horribly insecure
The Register • Iain Thomson in San Francisco • 27 Mar 2015

Wide-open rsync blunder leaves popular gateways vulnerable to hijacking

Travelers are used to getting screwed over by hotel internet access. But it's not just the eye-watering Wi-Fi prices guests should be worried about. A major security flaw in a network gateway popular among hoteliers can be exploited by hackers to launch attacks against guests by injecting malware into their downloads over unencrypted connections. Compromised gateways can also be used to infiltrate sensitive areas of a hotel's network, such as its reservation systems, it's claimed. The vulnerabil...

Read more...

References

CWE-264http://www.antlabs.com/index.php?option=com_content&view=article&id=195:rsync-remote-file-system-access-vulnerability-cve-2015-0932&catid=54:advisories&Itemid=133http://www.wired.com/2015/03/big-vulnerability-hotel-wi-fi-router-puts-guests-risk/http://blog.cylance.com/spear-team-cve-2015-0932http://www.kb.cert.org/vuls/id/930956https://nvd.nist.govhttps://www.theregister.co.uk/2015/03/27/hotel_antlabs_inngate_rsync_vulnerability/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook