CVE-2022-36279
CVE-2022-36279 is a confirmed stack-based buffer overflow in the Siretta QUARTZ-GOLD G5.0.1.5-210720-141020 httpd server’s delfile.cgi. The vulnerability arises from using an unchecked filename in a sprintf-based call that can overflow the stack and enable remote code execution via a crafted HTTP...