ANTlabs InnGate is a gateway device designed for operating corporate guest/visitor networks. Multiple InnGate models have been confirmed to be vulnerable to SQL injection and cross-site scripting attacks.
CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') - CVE-2015-2849
The ppli URL parameter of the main.ant page is vulnerable to SQL injection. A remote attacker can perform arbitrary queries on the underlying database. According to ANTLabs, only https connections are vulnerable to this attack.
The CVSS score below is based on CVE-2015-2849.
A remote attacker may be able exploit CVE-2015-2849 to execute arbitrary queries on the backend datastore.
Apply an update
Thanks to Devesh Logendran for reporting these vulnerabilities.
This document was written by Garret Wassermann.