Quartz-gold Security Vulnerabilities and Issues — Quartz-gold CVE List

Lucene search

SirettaQuartz-gold

9 matches found

CVE•added 2023/01/26 10:15 p.m.•94 views

CVE-2022-40220

An OS command injection vulnerability exists in the httpd txt/restore.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability.

8.8CVSS9.2AI score0.00403EPSS

CVE•added 2023/01/26 10:15 p.m.•63 views

CVE-2022-38715

A leftover debug code vulnerability exists in the httpd shell.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

8.8CVSS9.2AI score0.05539EPSS

CVE•added 2023/01/26 10:15 p.m.•61 views

CVE-2022-38459

A stack-based buffer overflow vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

8.8CVSS9.4AI score0.05619EPSS

CVE•added 2023/01/26 10:15 p.m.•56 views

CVE-2022-39045

A file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.

8.8CVSS8.9AI score0.00701EPSS

CVE•added 2023/01/26 10:15 p.m.•52 views

CVE-2022-40701

A directory traversal vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file deletion. An attacker can send an HTTP request to trigger this vulnerability.

8.1CVSS8.4AI score0.00874EPSS

CVE•added 2023/01/26 10:15 p.m.•48 views

CVE-2022-40969

An os command injection vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability.

8.8CVSS9.2AI score0.00487EPSS

CVE•added 2023/01/26 10:15 p.m.•45 views

CVE-2022-38066

An OS command injection vulnerability exists in the httpd SNMP functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP response can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.

8.8CVSS9.2AI score0.00346EPSS

CVE•added 2023/01/26 10:15 p.m.•41 views

CVE-2022-36279

A stack-based buffer overflow vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

8.8CVSS9.4AI score0.03995EPSS

CVE•added 2023/01/26 10:15 p.m.•38 views

CVE-2022-41154

A directory traversal vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary file deletion. An attacker can send a network request to trigger this vulnerability.

8.2CVSS7AI score0.0056EPSS