CVE-2022-41029 - Out-of-bounds Write vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5-210720-141020

CVSS 7.2 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: HIGH
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
CWE-787

Summary

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. This buffer overflow is in the function that manages the 'wlan filter mac address WORD descript WORD' command template.

Vulnerable Configurations

Part        Description    Count
OS          Siretta        1
Hardware    Siretta        1

Common Weakness Enumeration (CWE)