Описание
SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices, when https is used, allows remote attackers to execute arbitrary SQL commands via the ppli parameter.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:antlabs:inngate_ig_3.01_e:-:*:*:*:*:*:*:*
cpe:2.3:h:antlabs:inngate_ig_3.10_e:-:*:*:*:*:*:*:*
cpe:2.3:h:antlabs:inngate_ig_3.10_m:-:*:*:*:*:*:*:*
cpe:2.3:h:antlabs:inngate_ig_3100:-:*:*:*:*:*:*:*
cpe:2.3:h:antlabs:inngate_sg_4:-:*:*:*:*:*:*:*
cpe:2.3:h:antlabs:inngate_ssg_4:-:*:*:*:*:*:*:*
EPSS
Процентиль: 64%
0.00473
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
больше 3 лет назад
SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices, when https is used, allows remote attackers to execute arbitrary SQL commands via the ppli parameter.
EPSS
Процентиль: 64%
0.00473
Низкий
7.5 High
CVSS2
Дефекты
CWE-89