209 matches found
CVE-2022-41011
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41013
CVE-2022-41013 affects Siretta QUARTZ-GOLD DetranCLI. TALOS reports stack-based buffer overflow vulnerabilities in the DetranCLI parser for the command template static dhcp mac WORD (WORD|null) ip A.B.C.D hostname (WORD|null) description (WORD|null). A crafted network packet can trigger an overfl...
CVE-2022-41018
CVE-2022-41018 affects Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020) via stack-based buffer overflow vulnerabilities in the DetranCLI command parsing logic. The affected command template is no vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|off) defroute (on|o...
CVE-2022-41012
Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020) is affected by CVE-2022-41012 due to stack-based buffer overflows in the DetranCLI command parsing, specifically in the templates used to handle commands like no schedule link1 etc. The vulnerabilities are in the DetranCLI parsing logic where unsafe fo...
CVE-2022-41005
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41001
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41007
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41002
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41010
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41000
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41006
CVE-2022-41006 is reported against Siretta QUARTZ-GOLD, version G5.0.1.5-210720-141020, describing multiple stack-based buffer overflow vulnerabilities in the DetranCLI command parsing functionality. Talos details show that the overflow occurs in parsing templates such as the no ip static route c...
CVE-2022-41005
CVE-2022-41005 affects Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020) via stack-based buffer overflows in the DetranCLI command parsing, specifically targeting the ip static route destination … description WORD template. A crafted network packet sequence can lead to arbitrary command execution. Tal...
CVE-2022-40999
CVE-2022-40999 corresponds to multiple stack-based buffer overflow vulnerabilities in the Siretta QUARTZ-GOLD DetranCLI command parsing. The TALOS report details a specific vulnerability class affecting the GRE index tunnel command template (gre index tunnel A.B.C.D source dest keepalive interva...
CVE-2022-41007
CVE-2022-41007 concerns Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. The connected TALOS report confirms several stack-based buffer overflow vulnerabilities in the DetranCLI command parsing, specifically in the template for the port redirect protocol command (tcp|udp|tcp/udp) inport dstaddr A.B.C...
CVE-2022-41008
CVE-2022-41008 affects Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020). The connected Talos report documents multiple stack-based buffer overflow vulnerabilities in the DetranCLI command parsing, specifically within the template handling for the command: no port redirect protocol (tcp|udp|tcp/udp) i...
CVE-2022-41009
CVE-2022-41009 affects the DetranCLI command parsing of Siretta QUARTZ-GOLD: stack-based buffer overflows in the port triger protocol command template (port triger protocol … description WORD) can lead to arbitrary command execution. Affected version: Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. TA...
CVE-2022-41008
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-40997
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-40995
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...