Vulnerabilities > Siretta

DATE CVE VULNERABILITY TITLE RISK
2023-01-30 CVE-2022-38451 Path Traversal vulnerability in multiple products
A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5.
network
low complexity
freshtomato siretta CWE-22
7.5
2023-01-30 CVE-2022-42484 OS Command Injection vulnerability in multiple products
An OS command injection vulnerability exists in the httpd logs/view.cgi functionality of FreshTomato 2022.5.
network
low complexity
freshtomato siretta CWE-78
critical
9.8
2023-01-26 CVE-2022-36279 Classic Buffer Overflow vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
A stack-based buffer overflow vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-120
8.8
2023-01-26 CVE-2022-38066 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
An OS command injection vulnerability exists in the httpd SNMP functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
8.8
2023-01-26 CVE-2022-38088 Path Traversal vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
A directory traversal vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-22
6.5
2023-01-26 CVE-2022-38459 Classic Buffer Overflow vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
A stack-based buffer overflow vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-120
8.8
2023-01-26 CVE-2022-38715 Unspecified vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
A leftover debug code vulnerability exists in the httpd shell.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta
8.8
2023-01-26 CVE-2022-39045 Path Traversal vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
A file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-22
8.8
2023-01-26 CVE-2022-40220 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
An OS command injection vulnerability exists in the httpd txt/restore.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
8.8
2023-01-26 CVE-2022-40222 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
An OS command injection vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
critical
9.8