Vulnerabilities > Siretta > Quartz Gold Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-01-30 CVE-2022-42484 OS Command Injection vulnerability in multiple products
An OS command injection vulnerability exists in the httpd logs/view.cgi functionality of FreshTomato 2022.5.
network
low complexity
freshtomato siretta CWE-78
critical
9.8
2023-01-26 CVE-2022-42493 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
critical
9.8
2023-01-26 CVE-2022-42492 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
critical
9.8
2023-01-26 CVE-2022-42491 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
critical
9.8
2023-01-26 CVE-2022-42490 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
critical
9.8
2023-01-26 CVE-2022-41991 Out-of-bounds Write vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
A heap-based buffer overflow vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-787
critical
9.8
2023-01-26 CVE-2022-41030 Classic Buffer Overflow vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-120
critical
9.8
2023-01-26 CVE-2022-41019 Out-of-bounds Write vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-787
critical
9.8
2023-01-26 CVE-2022-41018 Classic Buffer Overflow vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-120
critical
9.8
2023-01-26 CVE-2022-41017 Classic Buffer Overflow vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-120
critical
9.8