2 matches found
CVE-2022-39045
A file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2022-39045
Mode C: Siretta QUARTZ-GOLD G5.0.1.5-210720-141020 is affected by TALOS-2022-1611/CVE-2022-39045. A file-write vulnerability exists in the httpd upload.cgi functionality that, due to lack of filename sanitization, allows path traversal to overwrite arbitrary files. An uploaded file can be written...