CVE-2022-40701

🗓️ 26 Jan 2023 22:15:15Reported by talosType

A directory traversal vulnerability in Siretta QUARTZ-GOLD G5.0.1.5-210720-141020 allows arbitrary file deletion

Reporter	Title	Published	Views	Family All 8
Cvelist	CVE-2022-40701	26 Jan 202321:24	–	cvelist
CNVD	Siretta QUARTZ-GOLD Directory Traversal Vulnerability (CNVD-2023-17076)	30 Jan 202300:00	–	cnvd
Prion	Directory traversal	26 Jan 202322:15	–	prion
NVD	CVE-2022-40701	26 Jan 202322:15	–	nvd
Talos	Siretta QUARTZ-GOLD httpd delfile.cgi directory traversal vulnerability	26 Jan 202300:00	–	talos
Vulnrichment	CVE-2022-40701	26 Jan 202321:24	–	vulnrichment
Talos Blog	Vulnerability Spotlight: OS command injection, directory traversal and other vulnerabilities found in Siretta Quartz-Gold and FreshTomato	26 Jan 202321:26	–	talosblog
Talos Blog	The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter	2 Aug 202312:00	–	talosblog

Nvd

Vulners

Vulnrichment

Node

siretta quartz-gold_firmwareMatchg5.0.1.5-210720-141020

AND

siretta quartz-goldMatch-

[
  {
    "vendor": "Siretta",
    "product": "QUARTZ-GOLD",
    "versions": [
      {
        "version": "G5.0.1.5-210720-141020",
        "status": "affected"
      }
    ]
  }
]

Source	Link
talosintelligence	www.talosintelligence.com/vulnerability_reports/TALOS-2022-1606
talosintelligence	www.talosintelligence.com/vulnerability_reports/TALOS-2022-1606

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Jan 2023 22:15Current

8.4High risk

Vulners AI Score8.4

CVSS36.5 - 8.1

EPSS0.00074

SSVC

CWE-22