Vulnerabilities > Siretta > High

DATE CVE VULNERABILITY TITLE RISK
2023-01-30 CVE-2022-38451 Path Traversal vulnerability in multiple products
A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5.
network
low complexity
freshtomato siretta CWE-22
7.5
7.5
2023-01-26 CVE-2022-36279 Classic Buffer Overflow vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
A stack-based buffer overflow vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-120
8.8
8.8
2023-01-26 CVE-2022-38066 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
An OS command injection vulnerability exists in the httpd SNMP functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
8.8
8.8
2023-01-26 CVE-2022-38459 Classic Buffer Overflow vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
A stack-based buffer overflow vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-120
8.8
8.8
2023-01-26 CVE-2022-38715 Unspecified vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
A leftover debug code vulnerability exists in the httpd shell.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta
8.8
8.8
2023-01-26 CVE-2022-39045 Path Traversal vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
A file write vulnerability exists in the httpd upload.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-22
8.8
8.8
2023-01-26 CVE-2022-40220 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
An OS command injection vulnerability exists in the httpd txt/restore.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
8.8
8.8
2023-01-26 CVE-2022-40701 Path Traversal vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
A directory traversal vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-22
8.1
8.1
2023-01-26 CVE-2022-40969 OS Command Injection vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
An os command injection vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-78
8.8
8.8
2023-01-26 CVE-2022-41020 Out-of-bounds Write vulnerability in Siretta Quartz-Gold Firmware G5.0.1.5210720141020
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020.
network
low complexity
siretta CWE-787
7.2
7.2