Filtered by vendor Siretta Subscriptions
Filtered by product Quartz-gold Firmware Subscriptions
Total 64 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-38451 2 Freshtomato, Siretta 3 Freshtomato, Quartz-gold, Quartz-gold Firmware 2024-11-21 7.5 High
A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2022-38088 1 Siretta 2 Quartz-gold, Quartz-gold Firmware 2024-11-21 6.5 Medium
A directory traversal vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2022-38066 1 Siretta 2 Quartz-gold, Quartz-gold Firmware 2024-11-21 8.8 High
An OS command injection vulnerability exists in the httpd SNMP functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP response can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.
CVE-2022-36279 1 Siretta 2 Quartz-gold, Quartz-gold Firmware 2024-11-21 8.8 High
A stack-based buffer overflow vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.