CVSS2
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score Confidence: Low
EPSS Percentile: 89.6%
ANTlabs InnGate is a gateway device designed for operating corporate guest/visitor networks. Multiple models and firmware versions of the InnGate have been shown to allow read/write access to remote unauthenticated users via a misconfigured rsync instance.
**CWE-276: Incorrect Default Permissions** The instance of rsync included with the InnGate firmware is incorrectly configured to allow the entire filesystem to be read and written without authentication. A remote unauthenticated attacker may read or modify any file on the device’s filesystem. More details can be found in a blog post from Cylance, Inc.
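One way to check an rsync daemon configuration for the exposure described above, as an added example that is not part of the original advisory or of ANTlabs' code. The sample configuration is constructed, and the function names `parse_rsyncd_conf` and `audit` are hypothetical.

```python
import re

# Constructed sample config (not taken from any InnGate firmware image).
SAMPLE = """\
uid = root
read only = no
[root]
    path = /
[backup]
    path = /srv/backup
    read only = yes
    auth users = backup
    secrets file = /etc/rsyncd.secrets
    hosts allow = 192.0.2.10
    uid = nobody
"""

def parse_rsyncd_conf(text):
    """Return {module: params}; global parameters seed each module's defaults."""
    defaults, modules, current = {}, {}, None
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#"):
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = modules.setdefault(header.group(1).strip(), dict(defaults))
        elif "=" in line:
            key, value = line.split("=", 1)
            # rsyncd ignores case and whitespace inside parameter names
            key = re.sub(r"\s+", "", key).lower()
            (defaults if current is None else current)[key] = value.strip()
    return modules

def audit(modules):
    """Return {module: [issues]} for modules exposed the way the advisory describes."""
    findings = {}
    for name, p in modules.items():
        path = p.get("path", "")
        checks = [
            (not p.get("authusers"), "no 'auth users': anonymous access"),
            (p.get("readonly", "yes").lower() in ("no", "false", "0"), "'read only' off: clients can write"),
            (bool(path) and not path.strip("/"), "module path is the filesystem root"),
            (not p.get("hostsallow"), "no 'hosts allow': any client address accepted"),
            (p.get("uid", "").lower() in ("root", "0"), "transfers run as root"),
        ]
        findings[name] = [msg for hit, msg in checks if hit]
    return {name: issues for name, issues in findings.items() if issues}

print(audit(parse_rsyncd_conf(SAMPLE)))
```

The constructed `[root]` module trips all five checks, while `[backup]` overrides the permissive global settings and is reported clean.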
Devices containing affected firmware include:
* IG 3100 model 3100, model 3101
* InnGate 3.00 E-Series, 3.01 E-Series, 3.02 E-Series, 3.10 E-Series
* InnGate 3.01 G-Series, 3.10 G-Series
Update the firmware
According to the ANTlabs Security Advisory, a software update addressing this vulnerability has been released. Users are encouraged to upgrade affected devices’ software as soon as possible. Affected users may contact ANTlabs Support ([email protected]) for more information or to obtain the software update.
Block rsync
rsync TCP port 873 on the affected network.
Notified: March 03, 2015 Updated: March 26, 2015
Statement Date: March 10, 2015
Affected
We have not received a statement from the vendor.
Group | Score | Vector |
---|---|---|
Base | 10 | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Temporal | 8.3 | E:F/RL:OF/RC:C |
Environmental | 6.2 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
Credit to Justin W. Clarke of Cylance Inc. for reporting this vulnerability. Also a thank you to ANTlabs for quickly addressing this vulnerability.
This document was written by Garret Wassermann.
CVE IDs: | CVE-2015-0932 |
---|---|
Date Public: | 2015-03-26 |
Date First Published: | |