7638 matches found
CVE-2022-42492
CVE-2022-42492 affects Siretta QUARTZ-GOLD QUARTZ-GOLD G5.0.1.5-210720-141020. The Talos review confirms OS command injection vulnerabilities in the m2m binary, exploitable via several commands that feed unsanitized data to system("nvram set ...") during m2m_parse_router_config processing, with t...
CVE-2022-42493
The CVE-2022-42493 family affects Siretta QUARTZ-GOLD: the m2m binary can execute arbitrary OS commands via UDP-triggered paths (e.g., DOWNLOAD_INFO, M2M_CONFIG_SET, DOWNLOAD_CFG_FILE, DOWNLOAD_AD) through m2m_parse_router_config without input sanitization. TALOS-2022-1640 confirms several OS com...
CVE-2022-42492
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...
CVE-2022-42492
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...
CVE-2022-42490
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...
CVE-2022-42491
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...
CVE-2022-42491
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...
CVE-2022-42491
The CVE-2022-42491 entry applies to Siretta QUARTZ-GOLD G5.0.1.5-210720-141020, specifically the m2m binary’s M2M_CONFIG_SET command. Talos details show several OS command injection vulnerabilities arising when the m2m_parse_router_config function processes UDP data without proper sanitization, a...
CVE-2022-40037
An issue discovered in Rawchen blog-ssm v1.0 allows remote attacker to escalate privileges and execute arbitrary commands via the component /upFile...
CVE-2022-40719
This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpdgeneric.lua plugin for the xupnpd service, which...
CVE-2022-40719
This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpdgeneric.lua plugin for the xupnpd service, which...
PT-2023-13933 · Siretta · Siretta Quartz-Gold
Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality. A specially-crafted network packet can lead to arbitrary command...
Siretta QUARTZ-GOLD 安全漏洞
The Siretta QUARTZ-GOLD is a high-speed industrial router from Siretta. A buffer overflow vulnerability exists in the Siretta QUARTZ-GOLD G5.0.1.5-210720-141020 version that can be exploited by an attacker to execute arbitrary commands...
Siretta QUARTZ-GOLD 操作系统命令注入漏洞
Siretta QUARTZ-GOLD is a high-speed dual-port Gigabit Ethernet industrial router from Siretta.The Siretta QUARTZ-GOLD is vulnerable to an operating system command injection vulnerability, which can be exploited by attackers to cause the execution of arbitrary commands by sending specially crafted...
Siretta QUARTZ-GOLD 安全漏洞
Siretta QUARTZ-GOLD is an industrial router with multiple features and services.A buffer overflow vulnerability exists in Siretta QUARTZ-GOLD, which can be exploited by attackers to cause arbitrary command execution by sending specially crafted network packets...
Siretta QUARTZ-GOLD 安全漏洞
The Siretta QUARTZ-GOLD is a high-speed industrial router from Siretta. A buffer overflow vulnerability exists in the Siretta QUARTZ-GOLD G5.0.1.5-210720-141020 version that can be exploited by an attacker to execute arbitrary commands...
Siretta QUARTZ-GOLD 安全漏洞
Siretta QUARTZ-GOLD is an industrial router with multiple features and services.A buffer overflow vulnerability exists in Siretta QUARTZ-GOLD, which can be exploited by attackers to cause arbitrary command execution by sending specially crafted network packets...
Siretta QUARTZ-GOLD 安全漏洞
Siretta QUARTZ-GOLD is an industrial router with multiple features and services.A buffer overflow vulnerability exists in Siretta QUARTZ-GOLD, which can be exploited by attackers to cause arbitrary command execution by sending specially crafted network packets...
Siretta QUARTZ-GOLD 缓冲区错误漏洞
Siretta QUARTZ-GOLD is a high-speed industrial router from Siretta.Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 is vulnerable to a buffer overflow vulnerability that could be exploited by attackers to execute arbitrary commands...
Siretta QUARTZ-GOLD 缓冲区错误漏洞
Siretta QUARTZ-GOLD is an industrial router with multiple features and services.A buffer overflow vulnerability exists in Siretta QUARTZ-GOLD, which can be exploited by attackers to cause arbitrary command execution by sending specially crafted network packets...