Siretta Quartz-Gold vulnerabilities
64 known vulnerabilities affecting siretta/quartz-gold.
Total CVEs
64
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL43HIGH19MEDIUM2
Vulnerabilities
Page 4 of 4
CVE-2022-41020P3HIGHCVSS 7.2vG5.0.1.5-210720-1410202023-01-26
CVE-2022-41020 [HIGH] CWE-120 CVE-2022-41020: Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functiona
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that man
nvd
CVE-2022-38451P3HIGHCVSS 7.5vG5.0.1.5-210720-1410202023-01-30
CVE-2022-38451 [HIGH] CWE-22 CVE-2022-38451: A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022
A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2022-38088P3MEDIUMCVSS 6.5vG5.0.1.5-210720-1410202023-01-26
CVE-2022-38088 [MEDIUM] CWE-22 CVE-2022-38088: A directory traversal vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ
A directory traversal vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
nvd
CVE-2022-41154P3MEDIUMCVSS 6.5vG5.0.1.5-210720-1410202023-01-26
CVE-2022-41154 [MEDIUM] CWE-22 CVE-2022-41154: A directory traversal vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUART
A directory traversal vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary file deletion. An attacker can send a network request to trigger this vulnerability.
nvd
← Previous4 / 4