CVE-2022-42490 in QUARTZ-GOLDinformation

Résumé

par MITRE • 27/01/2023

Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is reachable through the m2m's DOWNLOAD_CFG_FILE command

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Responsable

Talos

Réserver

07/10/2022

Divulgation

27/01/2023

Modérer

accepté

Entrée

VDB-219463

CPE

prêt

EPSS

0.03470

KEV

non

Activités

très faible

Sources

Might our Artificial Intelligence support you?

Check our Alexa App!