Siretta

Quartz-gold Firmware

64 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2022-42484

Exploit
  • EPSS 0.61%
  • Veröffentlicht 30.01.2023 11:15:09
  • Zuletzt bearbeitet 21.11.2024 07:25:03

An OS command injection vulnerability exists in the httpd logs/view.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability.

7.5

CVE-2022-38451

Exploit
  • EPSS 4.16%
  • Veröffentlicht 30.01.2023 11:15:09
  • Zuletzt bearbeitet 21.11.2024 07:16:30

A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.

9.8

CVE-2022-42493

  • EPSS 3.85%
  • Veröffentlicht 26.01.2023 22:15:25
  • Zuletzt bearbeitet 04.11.2025 20:16:12

Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these v...

9.8

CVE-2022-42492

  • EPSS 3.85%
  • Veröffentlicht 26.01.2023 22:15:24
  • Zuletzt bearbeitet 04.11.2025 20:16:12

Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these v...

9.8

CVE-2022-42491

  • EPSS 3.85%
  • Veröffentlicht 26.01.2023 22:15:24
  • Zuletzt bearbeitet 04.11.2025 20:16:12

Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these v...

9.8

CVE-2022-42490

  • EPSS 3.85%
  • Veröffentlicht 26.01.2023 22:15:24
  • Zuletzt bearbeitet 04.11.2025 20:16:12

Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these v...

9.8

CVE-2022-41991

Exploit
  • EPSS 0.54%
  • Veröffentlicht 26.01.2023 22:15:23
  • Zuletzt bearbeitet 21.11.2024 07:24:13

A heap-based buffer overflow vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to a heap buffer overflow. An attacker can send a network request t...

6.5

CVE-2022-41154

Exploit
  • EPSS 1.24%
  • Veröffentlicht 26.01.2023 22:15:23
  • Zuletzt bearbeitet 21.11.2024 07:22:43

A directory traversal vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary file deletion. An attacker can send a network request to trigg...

9.8

CVE-2022-41030

Exploit
  • EPSS 3.49%
  • Veröffentlicht 26.01.2023 22:15:23
  • Zuletzt bearbeitet 04.11.2025 20:16:11

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a...

7.2

CVE-2022-41029

Exploit
  • EPSS 3.49%
  • Veröffentlicht 26.01.2023 22:15:23
  • Zuletzt bearbeitet 04.11.2025 20:16:10

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a...