7638 matches found
CVE-2022-41019
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41015
CVE-2022-41015 affects Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020). TALOS reports multiple stack-based buffer overflow vulnerabilities in the DetranCLI command parsing, specifically in the vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD password WORD firewall (on|off) defroute...
CVE-2022-41018
CVE-2022-41018 affects Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020) via stack-based buffer overflow vulnerabilities in the DetranCLI command parsing logic. The exploits target the no vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|off) defroute (on|o...
CVE-2022-41011
CVE-2022-41011 concerns Siretta QUARTZ-GOLD, version G5.0.1.5-210720-141020. Talos reports multiple stack-based buffer overflows in the DetranCLI command parsing for the template: schedule link1 WORD link2 WORD policy (failover|backup) description (WORD|null). Successful exploitation could lead t...
CVE-2022-41012
Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020) is affected by CVE-2022-41012 due to stack-based buffer overflows in the DetranCLI command parsing, specifically in the templates used to handle commands like no schedule link1 etc. The vulnerabilities are in the DetranCLI parsing logic where unsafe fo...
CVE-2022-41017
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41016
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41011
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41015
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41017
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41017
CVE-2022-41017 affects Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. Talos/NVD entries describe several stack-based buffer overflow vulnerabilities in the DetranCLI command parsing, specifically in the vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|of...
CVE-2022-41014
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41005
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41009
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41004
CVE-2022-41004 affects Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020) via stack-based buffer overflows in the DetranCLI command parsing, specifically in the no ip nat outside source template. Talos reports multiple CVEs in the same family with exploit paths leading to arbitrary command execution; C...
CVE-2022-41004
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41009
CVE-2022-41009 affects Siretta QUARTZ-GOLD with DetranCLI command parsing: stack-based buffer overflows in the port trig er protocol command template (port triger protocol … description WORD) can lead to arbitrary command execution. Affected version: Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. TA...
CVE-2022-41007
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41008
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41004
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...