738 matches found
CVE-2022-41991
A heap-based buffer overflow vulnerability exists in the m2m DELETEFILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger this vulnerability...
CVE-2022-42492
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...
CVE-2022-42491
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...
CVE-2022-42490
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...
CVE-2022-42491
The CVE-2022-42491 entry applies to Siretta QUARTZ-GOLD G5.0.1.5-210720-141020, specifically the m2m binary’s M2M_CONFIG_SET command. Talos details show several OS command injection vulnerabilities arising when the m2m_parse_router_config function processes UDP data without proper sanitization, a...
CVE-2022-42490
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...
Siretta QUARTZ-GOLD 操作系统命令注入漏洞
Siretta QUARTZ-GOLD is a high-speed dual-port Gigabit Ethernet industrial router from Siretta.The Siretta QUARTZ-GOLD is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker to cause arbitrary command execution by sending a crafted network reque...
Siretta QUARTZ-GOLD 操作系统命令注入漏洞
Siretta QUARTZ-GOLD is a high-speed dual-port Gigabit Ethernet industrial router from Siretta.The Siretta QUARTZ-GOLD is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker to cause arbitrary command execution by sending a crafted network reque...
PT-2023-14125 · Siretta · Siretta Quartz-Gold
Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: The issue concerns OS command injection vulnerabilities in the m2m binary. A specially-crafted network request can lead to arbitrary command execution. An attacker can exploit th...
Siretta QUARTZ-GOLD 操作系统命令注入漏洞
Siretta QUARTZ-GOLD is a high-speed dual-port Gigabit Ethernet industrial router from Siretta.The Siretta QUARTZ-GOLD is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker to cause arbitrary command execution by sending a crafted network reque...
Siretta QUARTZ-GOLD 操作系统命令注入漏洞
Siretta QUARTZ-GOLD is a high-speed dual-port Gigabit Ethernet industrial router from Siretta.The Siretta QUARTZ-GOLD is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker to cause arbitrary command execution by sending a crafted network reque...
Siretta QUARTZ-GOLD m2m DELETE_FILE cmd OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1638 Siretta QUARTZ-GOLD m2m DELETEFILE cmd OS command injection vulnerability January 26, 2023 CVE Number CVE-2022-40222 SUMMARY An OS command injection vulnerability exists in the m2m DELETEFILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-14102...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...