CyberSec.Space Logo
Back to CVE Browser

CVE-2015-2849

HIGH
7.5
CVSS Severity Score
EPSS Score0.1250%
EPSS Percentile16.27th
PublishedJul 7, 2015
Last ModifiedMay 6, 2026

Vulnerability Description

SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices, when https is used, allows remote attackers to execute arbitrary SQL commands via the ppli parameter.

Affected Platforms (CPE)

πŸ”Œ
Antlabs

Inngate Ig 3.01 E

All versions
πŸ”Œ
Antlabs

Inngate Ig 3.10 E

All versions
πŸ”Œ
Antlabs

Inngate Ig 3.10 M

All versions
πŸ”Œ
Antlabs

Inngate Ig 3100

All versions
πŸ”Œ
Antlabs

Inngate Sg 4

All versions
πŸ”Œ
Antlabs

Inngate Ssg 4

All versions

References & Advisories

πŸ”— http://www.kb.cert.org/vuls/id/485324
πŸ”— http://www.kb.cert.org/vuls/id/485324

Related Vulnerabilities

CVE-2015-093210.0

The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, ...

CVE-2015-28504.3

Cross-site scripting (XSS) vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3....

CVE-2015-304810.0

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to ex...

CVE-2015-034110.0

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X a...