Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CVE
CVEadded 2023/01/26 9:24 p.m.56 views

CVE-2022-40969

CVE-2022-40969 (Siretta QUARTZ-GOLD) is a OS command injection vulnerability in the httpd delfile.cgi file-management endpoint. Talos reports that the delfile.cgi handler accepts a parameter named _filename, appends it to a base folder path, and then executes rm -rf / via system(), with the filen...

8.8CVSS9.2AI score0.01772EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2023/01/26 12:0 a.m.2 views

PT-2023-13471 · Siretta · Siretta Quartz-Gold

Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: A stack-based buffer overflow issue exists in the httpd delfile.cgi functionality. This can be triggered by a specially-crafted HTTP request, potentially leading to remote code...

8.8CVSS7.5AI score0.08889EPSS
Exploits1References2
Talos
Talosadded 2023/01/26 12:0 a.m.28 views

Siretta QUARTZ-GOLD httpd delfile.cgi OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1607 Siretta QUARTZ-GOLD httpd delfile.cgi OS command injection vulnerability January 26, 2023 CVE Number CVE-2022-40969 SUMMARY An os command injection vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020....

8.8CVSS8AI score0.01772EPSS
Exploits1
Rows per page
Query Builder