CyberSec.Space Logo
Back to CVE Browser

CVE-2015-0932

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1630%
EPSS Percentile31.41th
PublishedApr 5, 2015
Last ModifiedMay 6, 2026

Vulnerability Description

The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote attackers to read or write to arbitrary files via TCP traffic on port 873.

Affected Platforms (CPE)

πŸ”Œ
Antlabs

Inngate Ig 3.00 E

All versions
πŸ”Œ
Antlabs

Inngate Ig 3.01 E

All versions
πŸ”Œ
Antlabs

Inngate Ig 3.02 E

All versions
πŸ”Œ
Antlabs

Inngate Ig 3.10 E

All versions
πŸ”Œ
Antlabs

Inngate Ig 3.10 G

All versions
πŸ”Œ
Antlabs

Inngate Ig 3100

All versions
πŸ”Œ
Antlabs

Inngate Ig 3101

All versions

References & Advisories

πŸ”— http://blog.cylance.com/spear-team-cve-2015-0932
πŸ”— http://www.antlabs.com/index.php?option=com_content&view=article&id=195:rsync-remote-file-system-access-vulnerability-cve-2015-0932&catid=54:advisories&Itemid=133
πŸ”— http://www.kb.cert.org/vuls/id/930956
πŸ”— http://www.wired.com/2015/03/big-vulnerability-hotel-wi-fi-router-puts-guests-risk/
πŸ”— http://blog.cylance.com/spear-team-cve-2015-0932
πŸ”— http://www.antlabs.com/index.php?option=com_content&view=article&id=195:rsync-remote-file-system-access-vulnerability-cve-2015-0932&catid=54:advisories&Itemid=133
πŸ”— http://www.kb.cert.org/vuls/id/930956
πŸ”— http://www.wired.com/2015/03/big-vulnerability-hotel-wi-fi-router-puts-guests-risk/

Related Vulnerabilities

CVE-2015-28497.5

SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M...

CVE-2015-28504.3

Cross-site scripting (XSS) vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3....

CVE-2015-098710.0

Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password tra...

CVE-2015-304810.0

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to ex...