7 matches found
CVE-2022-40220
An OS command injection vulnerability exists in the httpd txt/restore.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2022-40220
Cisco Talos details CVE-2022-40220: OS command injection in Siretta QUARTZ-GOLD G5.0.1.5-210720-141020 via httpd txt/restore.cgi. The vulnerability arises when nvram key/value lines from the request body are parsed and fed to system() without validation, enabling arbitrary command execution. TALO...
Default configuration
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi...
CVE-2018-5724
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi...
CVE-2018-5724
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi...
CVE-2018-5724
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi...
Unfixed XSS vulnerability at 1.tool.ms
Security researcher kusomiso.com, has submitted on 23/09/2007 a cross-site-scripting XSS vulnerability affecting 1.tool.ms, which at the time of submission ranked 90345 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 24/09/2007. It is currently...