Lucene search
K

738 matches found

Vulnrichment
Vulnrichment
added 2023/01/26 9:24 p.m.8 views

CVE-2022-41991

A heap-based buffer overflow vulnerability exists in the m2m DELETEFILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger this vulnerability...

9.8CVSS7.6AI score0.01468EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/01/26 9:24 p.m.6 views

CVE-2022-42492

Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...

9.8CVSS8AI score0.03233EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/26 9:24 p.m.9 views

CVE-2022-42491

Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...

9.8CVSS10AI score0.03233EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/26 9:24 p.m.7 views

CVE-2022-42490

Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...

9.8CVSS10AI score0.0347EPSS
Exploits0References1
CVE
CVE
added 2023/01/26 9:24 p.m.58 views

CVE-2022-42491

The CVE-2022-42491 entry applies to Siretta QUARTZ-GOLD G5.0.1.5-210720-141020, specifically the m2m binary’s M2M_CONFIG_SET command. Talos details show several OS command injection vulnerabilities arising when the m2m_parse_router_config function processes UDP data without proper sanitization, a...

9.8CVSS9.9AI score0.03233EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/01/26 9:24 p.m.33 views

CVE-2022-42490

Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...

9.8CVSS10AI score0.0347EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/01/26 5:18 p.m.5 views

Mozilla: Malicious command could be hidden in devtools output

The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...

6.5CVSS7.4AI score0.00601EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.4 views

Siretta QUARTZ-GOLD 操作系统命令注入漏洞

Siretta QUARTZ-GOLD is a high-speed dual-port Gigabit Ethernet industrial router from Siretta.The Siretta QUARTZ-GOLD is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker to cause arbitrary command execution by sending a crafted network reque...

9.8CVSS7.7AI score0.03499EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.4 views

Siretta QUARTZ-GOLD 操作系统命令注入漏洞

Siretta QUARTZ-GOLD is a high-speed dual-port Gigabit Ethernet industrial router from Siretta.The Siretta QUARTZ-GOLD is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker to cause arbitrary command execution by sending a crafted network reque...

9.8CVSS7.7AI score0.03233EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/01/26 12:0 a.m.9 views

PT-2023-14125 · Siretta · Siretta Quartz-Gold

Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: The issue concerns OS command injection vulnerabilities in the m2m binary. A specially-crafted network request can lead to arbitrary command execution. An attacker can exploit th...

9.8CVSS9.9AI score0.03233EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.3 views

Siretta QUARTZ-GOLD 操作系统命令注入漏洞

Siretta QUARTZ-GOLD is a high-speed dual-port Gigabit Ethernet industrial router from Siretta.The Siretta QUARTZ-GOLD is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker to cause arbitrary command execution by sending a crafted network reque...

9.8CVSS7.7AI score0.043EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.7 views

Siretta QUARTZ-GOLD 操作系统命令注入漏洞

Siretta QUARTZ-GOLD is a high-speed dual-port Gigabit Ethernet industrial router from Siretta.The Siretta QUARTZ-GOLD is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker to cause arbitrary command execution by sending a crafted network reque...

8.8CVSS7.7AI score0.04054EPSS
Exploits1References3
Talos
Talos
added 2023/01/26 12:0 a.m.40 views

Siretta QUARTZ-GOLD m2m DELETE_FILE cmd OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1638 Siretta QUARTZ-GOLD m2m DELETEFILE cmd OS command injection vulnerability January 26, 2023 CVE Number CVE-2022-40222 SUMMARY An OS command injection vulnerability exists in the m2m DELETEFILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-14102...

9.8CVSS9.6AI score0.043EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2023/01/25 3:33 p.m.6 views

Mozilla: Malicious command could be hidden in devtools output

The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...

6.5CVSS7.4AI score0.00601EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/01/25 3:29 p.m.5 views

Mozilla: Malicious command could be hidden in devtools output

The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...

6.5CVSS7.4AI score0.00601EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/01/25 3:20 p.m.5 views

Mozilla: Malicious command could be hidden in devtools output

The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...

6.5CVSS7.4AI score0.00601EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/01/23 10:5 a.m.6 views

Mozilla: Malicious command could be hidden in devtools output

The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...

6.5CVSS7.4AI score0.00601EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/01/23 10:3 a.m.6 views

Mozilla: Malicious command could be hidden in devtools output

The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...

6.5CVSS7.4AI score0.00601EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/01/23 9:26 a.m.6 views

Mozilla: Malicious command could be hidden in devtools output

The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...

6.5CVSS7.4AI score0.00601EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/01/23 9:22 a.m.5 views

Mozilla: Malicious command could be hidden in devtools output

The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...

6.5CVSS7.4AI score0.00601EPSS
Exploits0References6
Rows per page
Query Builder