VYPR

QUARTZ-GOLD

by Siretta

CVEs (64)

  • CVE-2022-41021HigJan 26, 2023
    risk 0.47cvss 7.2epss 0.02

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to…

  • CVE-2022-41020HigJan 26, 2023
    risk 0.47cvss 7.2epss 0.02

    Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to…

  • CVE-2022-41154MedJan 26, 2023
    risk 0.42cvss 6.5epss 0.02

    A directory traversal vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary file deletion. An attacker can send a network request to trigger this vulnerability.

  • CVE-2022-38088MedJan 26, 2023
    risk 0.42cvss 6.5epss 0.02

    A directory traversal vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.

Page 4 of 4