VYPR
Critical severity9.8NVD Advisory· Published Jan 26, 2023· Updated Jun 17, 2026

CVE-2022-42490

CVE-2022-42490

Description

Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is reachable through the m2m's DOWNLOAD_CFG_FILE command

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Siretta/QUARTZ-GOLDllm-fuzzy2 versions
    = G5.0.1.5-210720-141020+ 1 more
    • (no CPE)range: = G5.0.1.5-210720-141020
    • (no CPE)range: G5.0.1.5-210720-141020

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.