{
  "schema_version": "1.4.0",
  "id": "GHSA-h4pf-q6rm-x45m",
  "modified": "2025-04-12T12:46:46Z",
  "published": "2022-05-17T04:14:00Z",
  "aliases": [
    "CVE-2015-0932"
  ],
  "details": "The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote attackers to read or write to arbitrary files via TCP traffic on port 873.",
  "severity": [],
  "affected": [],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0932"
    },
    {
      "type": "WEB",
      "url": "http://blog.cylance.com/spear-team-cve-2015-0932"
    },
    {
      "type": "WEB",
      "url": "http://www.antlabs.com/index.php?option=com_content&view=article&id=195:rsync-remote-file-system-access-vulnerability-cve-2015-0932&catid=54:advisories&Itemid=133"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/930956"
    },
    {
      "type": "WEB",
      "url": "http://www.wired.com/2015/03/big-vulnerability-hotel-wi-fi-router-puts-guests-risk"
    }
  ],
  "database_specific": {
    "cwe_ids": [],
    "severity": "HIGH",
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-04-05T01:59:00Z"
  }
}