Filtered by vendor Siretta
Subscriptions
Filtered by product Quartz-gold
Subscriptions
Total
64 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-38459 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-08-03 | 8.8 High |
| A stack-based buffer overflow vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. | ||||
| CVE-2022-38088 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-08-03 | 6.5 Medium |
| A directory traversal vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability. | ||||
| CVE-2022-38066 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-08-03 | 8.8 High |
| An OS command injection vulnerability exists in the httpd SNMP functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP response can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability. | ||||
| CVE-2022-36279 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-08-03 | 8.8 High |
| A stack-based buffer overflow vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. | ||||