CyberSec.Space Logo
CVEブラウザに戻る

CVE-2015-2849

HIGH
7.5
CVSS Severity Score
EPSS Score0.1250%
EPSS Percentile16.27th
Published2015年7月7日
Last Modified2026年5月6日

Vulnerability Description

SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices, when https is used, allows remote attackers to execute arbitrary SQL commands via the ppli parameter.

Affected Platforms (CPE)

🔌
Antlabs

Inngate Ig 3.01 E

All versions
🔌
Antlabs

Inngate Ig 3.10 E

All versions
🔌
Antlabs

Inngate Ig 3.10 M

All versions
🔌
Antlabs

Inngate Ig 3100

All versions
🔌
Antlabs

Inngate Sg 4

All versions
🔌
Antlabs

Inngate Ssg 4

All versions

References & Advisories

🔗 http://www.kb.cert.org/vuls/id/485324
🔗 http://www.kb.cert.org/vuls/id/485324

関連する脆弱性情報

CVE-2015-093210.0

The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, ...

CVE-2015-28504.3

Cross-site scripting (XSS) vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3....

CVE-2015-033310.0

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux ...

CVE-2015-035410.0

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux ...