Filtered by vendor Siretta
Subscriptions
Filtered by product Quartz-gold Firmware
Subscriptions
Total
64 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-39045 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2023-02-02 | 8.8 High |
| A file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability. | ||||
| CVE-2022-40220 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2023-02-02 | 8.8 High |
| An OS command injection vulnerability exists in the httpd txt/restore.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability. | ||||
| CVE-2022-40222 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2023-02-02 | 9.8 Critical |
| An OS command injection vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability. | ||||
| CVE-2022-40701 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2023-02-02 | 8.1 High |
| A directory traversal vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file deletion. An attacker can send an HTTP request to trigger this vulnerability. | ||||