VYPR

QUARTZ-GOLD

by Siretta

CVEs (64)

  • CVE-2022-40986CriJan 26, 2023
    risk 0.64cvss 9.8epss 0.01

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to…

  • CVE-2022-40985CriJan 26, 2023
    risk 0.64cvss 9.8epss 0.02

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to…

  • CVE-2022-40222CriJan 26, 2023
    risk 0.64cvss 9.8epss 0.04

    An OS command injection vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.

  • CVE-2022-40969HigJan 26, 2023
    risk 0.58cvss 8.8epss 0.06

    An os command injection vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2022-40220HigJan 26, 2023
    risk 0.58cvss 8.8epss 0.04

    An OS command injection vulnerability exists in the httpd txt/restore.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2022-38459HigJan 26, 2023
    risk 0.58cvss 8.8epss 0.04

    A stack-based buffer overflow vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2022-38066HigJan 26, 2023
    risk 0.58cvss 8.8epss 0.07

    An OS command injection vulnerability exists in the httpd SNMP functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP response can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.

  • CVE-2022-39045HigJan 26, 2023
    risk 0.57cvss 8.8epss 0.04

    A file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2022-38715HigJan 26, 2023
    risk 0.57cvss 8.8epss 0.04

    A leftover debug code vulnerability exists in the httpd shell.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2022-36279HigJan 26, 2023
    risk 0.57cvss 8.8epss 0.03

    A stack-based buffer overflow vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2022-40701HigJan 26, 2023
    risk 0.53cvss 8.1epss 0.03

    A directory traversal vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file deletion. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2022-38451HigJan 30, 2023
    risk 0.49cvss 7.5epss 0.02

    A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.

  • CVE-2022-41029HigJan 26, 2023
    risk 0.47cvss 7.2epss 0.02

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to…

  • CVE-2022-41028HigJan 26, 2023
    risk 0.47cvss 7.2epss 0.02

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to…

  • CVE-2022-41027HigJan 26, 2023
    risk 0.47cvss 7.2epss 0.02

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to…

  • CVE-2022-41026HigJan 26, 2023
    risk 0.47cvss 7.2epss 0.02

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to…

  • CVE-2022-41025HigJan 26, 2023
    risk 0.47cvss 7.2epss 0.02

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to…

  • CVE-2022-41024HigJan 26, 2023
    risk 0.47cvss 7.2epss 0.02

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to…

  • CVE-2022-41023HigJan 26, 2023
    risk 0.47cvss 7.2epss 0.02

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to…

  • CVE-2022-41022HigJan 26, 2023
    risk 0.47cvss 7.2epss 0.02

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to…