3 matches found
CVE-2022-40222
An OS command injection vulnerability exists in the m2m DELETEFILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability...
CVE-2022-40222
The CVE-2022-40222 entry maps to Siretta QUARTZ-GOLD. TALOS details show an OS command injection in the M2M DELETE_FILE path where DELETE_FILE is invoked without authentication and can execute arbitrary commands via a crafted UDP payload (M2M_data_entry.data). Affected firmware variant noted in s...
Siretta QUARTZ-GOLD m2m DELETE_FILE cmd OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1638 Siretta QUARTZ-GOLD m2m DELETEFILE cmd OS command injection vulnerability January 26, 2023 CVE Number CVE-2022-40222 SUMMARY An OS command injection vulnerability exists in the m2m DELETEFILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-14102...