Unrated severity · NVD Advisory · Published Jan 26, 2023 · Updated Nov 4, 2025

CVE-2022-40993

Description

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. This buffer overflow is in the function that manages the 'firmwall keyword WORD description (WORD|null)' command template.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Stack-based buffer overflow in Siretta QUARTZ-GOLD DetranCLI allows remote authenticated attackers to execute arbitrary commands.

Vulnerability

A stack-based buffer overflow vulnerability exists in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD firmware version G5.0.1.5-210720-141020. The flaw is specifically in the function that handles the firmwall keyword WORD description (WORD|null) command template. The vulnerability arises because user-supplied input is copied into a fixed-size stack buffer using sprintf without proper bounds checking, leading to a buffer overflow [1].
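The unchecked sprintf pattern described above, next to a bounded form that rejects oversized arguments instead of truncating them. This is an added example, not code from the Siretta firmware or the advisory; the function names, the 64-byte buffer size and the output format string are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define CMD_BUF_LEN 64  /* assumed size; the advisory does not state the real one */

/* Pattern from the description: sprintf into a fixed stack buffer with no
 * length check on the two WORD arguments. Shown for contrast only. */
void build_rule_unsafe(const char *keyword, const char *desc)
{
    char buf[CMD_BUF_LEN];
    sprintf(buf, "keyword=%s description=%s", keyword, desc); /* writes past buf if too long */
    puts(buf);
}

/* Bounded form: returns 0 on success, -1 if an argument is missing or the
 * formatted rule would not fit in either buffer. */
int build_rule_checked(const char *keyword, const char *desc, char *out, size_t out_len)
{
    char buf[CMD_BUF_LEN];
    int n;

    if (keyword == NULL || out == NULL || out_len == 0)
        return -1;
    if (desc == NULL)
        desc = "null";                      /* the template allows (WORD|null) */

    n = snprintf(buf, sizeof buf, "keyword=%s description=%s", keyword, desc);
    if (n < 0 || (size_t)n >= sizeof buf)   /* would truncate: reject the command */
        return -1;
    if ((size_t)n >= out_len)
        return -1;
    memcpy(out, buf, (size_t)n + 1);        /* length already validated, copy with NUL */
    return 0;
}

int main(void)
{
    char out[CMD_BUF_LEN], long_desc[200];  /* constructed sample input */
    memset(long_desc, 'A', sizeof long_desc - 1);
    long_desc[sizeof long_desc - 1] = '\0';
    printf("short: %d\n", build_rule_checked("bad", "spam", out, sizeof out));
    printf("long:  %d\n", build_rule_checked("bad", long_desc, out, sizeof out));
    return 0;
}
```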

Exploitation

An attacker must have network access to the router's CLI (DetranCLI) and possess valid administrative credentials (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H indicates high privileges required). The attacker sends a specially-crafted sequence of commands targeting the vulnerable command template, triggering a stack-based buffer overflow. No user interaction is required [1].

Impact

Successful exploitation allows an attacker to execute arbitrary commands with root privileges, resulting in full compromise of the device's confidentiality, integrity, and availability [1].

Mitigation

As of the advisory publication date (2022-10-20), no patch has been released by Siretta. Users should restrict network access to the router's management interfaces and apply the principle of least privilege. Monitoring vendor updates for a fixed firmware version is recommended. No workaround is currently available [1].

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Range: = G5.0.1.5-210720-141020
  • Siretta/QUARTZ-GOLDv5
    Range: G5.0.1.5-210720-141020

Patches

0

No patches discovered yet.

References

1
