2 matches found
CVE-2022-40988
Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020) has stack-based buffer overflow vulnerabilities in the DetranCLI command parsing, specifically the ipv6 static dns WORD WORD WORD template. TALOS details show a vulnerable use of sprintf without proper bounds checking, enabling arbitrary command execut...
CVE-2022-40988
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...