CVE-2022-41028

Vulnerability

A stack-based buffer overflow vulnerability exists in the DetranCLI command parsing of Siretta QUARTZ-GOLD industrial router, version G5.0.1.5-210720-141020 [1]. The overflow occurs in the function that manages the no vpn schedule name1 WORD name2 WORD policy (failover|backup) description (WORD|null) command template, where sprintf is used without adequate bounds checking [1].

Exploitation

An attacker must have administrative privileges to access the CLI interface and network connectivity to the device. By sending a specially crafted sequence of commands with oversized parameters for the vulnerable template, a stack buffer overflow is triggered. No user interaction is required [1].

Impact

Successful exploitation allows arbitrary command execution with root privileges, leading to complete compromise of device confidentiality, integrity, and availability [1].

Mitigation

As of the publication date, no patch is available from Siretta. Mitigations include restricting network access to the management interface, using firewalls or VPNs, and monitoring for vendor updates. The affected version is confirmed vulnerable [1].