Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Quartz\-Gold_firmware
(Siretta)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 64 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-01-26 | CVE-2022-36279 | A stack-based buffer overflow vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. | Quartz\-Gold_firmware | 8.8 | ||
| 2023-01-26 | CVE-2022-38066 | An OS command injection vulnerability exists in the httpd SNMP functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP response can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability. | Quartz\-Gold_firmware | 8.8 | ||
| 2023-01-26 | CVE-2022-38088 | A directory traversal vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability. | Quartz\-Gold_firmware | 6.5 | ||
| 2023-01-26 | CVE-2022-38459 | A stack-based buffer overflow vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. | Quartz\-Gold_firmware | 8.8 | ||
| 2023-01-26 | CVE-2022-38715 | A leftover debug code vulnerability exists in the httpd shell.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. | Quartz\-Gold_firmware | 8.8 | ||
| 2023-01-26 | CVE-2022-39045 | A file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability. | Quartz\-Gold_firmware | 8.8 | ||
| 2023-01-26 | CVE-2022-40220 | An OS command injection vulnerability exists in the httpd txt/restore.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability. | Quartz\-Gold_firmware | 8.8 | ||
| 2023-01-26 | CVE-2022-40222 | An OS command injection vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability. | Quartz\-Gold_firmware | 9.8 | ||
| 2023-01-26 | CVE-2022-40701 | A directory traversal vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file deletion. An attacker can send an HTTP request to trigger this vulnerability. | Quartz\-Gold_firmware | 8.1 | ||
| 2023-01-26 | CVE-2022-40969 | An os command injection vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability. | Quartz\-Gold_firmware | 8.8 |