2 matches found
CVE-2022-38715
TALOS-2022-1610 confirms a leftover debug code vulnerability in Siretta QUARTZ-GOLD G5.0.1.5-210720-141020: an authenticated HTTP request to httpd shell.cgi can trigger arbitrary command execution due to a debug API that was not disabled in the AdvancedTomato-based web server. The CVE (CVE-2022-3...
Siretta QUARTZ-GOLD httpd shell.cgi leftover debug code vulnerability
Talos Vulnerability Report TALOS-2022-1610 Siretta QUARTZ-GOLD httpd shell.cgi leftover debug code vulnerability January 26, 2023 CVE Number CVE-2022-38715 SUMMARY A leftover debug code vulnerability exists in the httpd shell.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A...