Unauthenticated Remote File Access in ANTlabs InnGate Firmware
CVE-2015-0932 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote attackers to read or write to arbitrary files via TCP traffic on port 873.
Learn more about our Web Application Penetration Testing UK.