209 matches found
CVE-2022-41022
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41022
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41023
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41027
CVE-2022-41027 affects Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. Talos/Cisco and Red Hat/CVE records describe multiple stack-based buffer overflow vulnerabilities in the DetranCLI command parsing, specifically in the template for the command: vpn schedule name1 WORD name2 WORD policy (failover|...
CVE-2022-41028
CVE-2022-41028 affects Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020). TALOS reports multiple stack-based buffer overflow vulnerabilities in the DetranCLI command parsing, specifically in the no vpn schedule name1 WORD name2 WORD policy (failover|backup) description (WORD|null) template. Root cause...
CVE-2022-41028
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41021
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41021
CVE-2022-41021 affects Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. The issue is a stack-based buffer overflow in the DetranCLI command parsing functionality, exploitable through crafted network packets that trigger the template: vpn l2tp advanced name WORD dns (yes|no) mtu mru auth (on|off) pas...
CVE-2022-41023
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41020
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41025
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41024
The TALOS overview confirms CVE-2022-41024 corresponds to multiple stack-based buffer overflow flaws in Siretta QUARTZ-GOLD’s DetranCLI command parsing (G5.0.1.5-210720-141020). A crafted network request sequence can trigger the overflow in various DetranCLI command templates, enabling arbitrary ...
CVE-2022-41023
CVE-2022-41023 affects Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020) via stack-based buffer overflow in the DetranCLI command parsing for vpn pptp advanced name (and related templates). The issue arises from unsafe handling of command parameters (e.g., WORD, DNS, MTU, MRU, MPPE, stateful), enablin...
CVE-2022-41018
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41012
Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020) is affected by CVE-2022-41012 due to stack-based buffer overflows in the DetranCLI command parsing, specifically in the templates used to handle commands like no schedule link1 etc. The vulnerabilities are in the DetranCLI parsing logic where unsafe fo...
CVE-2022-41015
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41014
Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020) is affected by CVE-2022-41014 due to stack-based buffer overflow in the DetranCLI command parsing. The vulnerability affects the command template: no static dhcp mac WORD (WORD|null) ip A.B.C.D hostname (WORD|null) description (WORD|null). A crafted ne...
CVE-2022-41017
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41012
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41013
CVE-2022-41013 affects Siretta QUARTZ-GOLD DetranCLI. TALOS reports stack-based buffer overflow vulnerabilities in the DetranCLI parser for the command template static dhcp mac WORD (WORD|null) ip A.B.C.D hostname (WORD|null) description (WORD|null). A crafted network packet can trigger an overfl...