CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
40.6%
SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices, when https is used, allows remote attackers to execute arbitrary SQL commands via the ppli parameter.
Vendor | Product | Version | CPE |
---|---|---|---|
antlabs | inngate_ig_3.01_e | - | cpe:2.3:h:antlabs:inngate_ig_3.01_e:-:*:*:*:*:*:*:* |
antlabs | inngate_ig_3.10_e | - | cpe:2.3:h:antlabs:inngate_ig_3.10_e:-:*:*:*:*:*:*:* |
antlabs | inngate_ig_3.10_m | - | cpe:2.3:h:antlabs:inngate_ig_3.10_m:-:*:*:*:*:*:*:* |
antlabs | inngate_ig_3100 | - | cpe:2.3:h:antlabs:inngate_ig_3100:-:*:*:*:*:*:*:* |
antlabs | inngate_sg_4 | - | cpe:2.3:h:antlabs:inngate_sg_4:-:*:*:*:*:*:*:* |
antlabs | inngate_ssg_4 | - | cpe:2.3:h:antlabs:inngate_ssg_4:-:*:*:*:*:*:*:* |