Published: 26/01/2023 Updated: 02/02/2023

CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2

VMScore: 0

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn schedule name1 WORD name2 WORD policy (failover|backup) description (WORD|null)' command template.

Vulnerable Product	Search on Vulmon	Subscribe to Product
siretta quartz-gold_firmware g5.0.1.5-210720-141020

Microsoft squashes six security bugs already exploited in the wild

The Register

Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Plus: Fixes from Intel, AMD, Citrix and more

Patch Tuesday November's Patch Tuesday also falls on election day in the US, so let's hope that democracy fares better than Microsoft, which reported six of today's bugs are already being exploited in the wild by miscreants. Another 22 vulnerabilities in the Windows giant's products have been labeled "more likely to be exploited" than not. Also, shockingly, Adobe skipped the monthly patch party. "Heads-up that Adobe does not have regularly scheduled updates planned for today," a spokesperson tol...

CVE-2022-41028

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect