CVE-2022-41002

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no icmp check link WORD destination WORD interval <1-255> retries <1-255> description (WORD|null)' command template.
References
Link Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1613 Exploit Technical Description Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1613 Exploit Technical Description Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siretta:quartz-gold_firmware:g5.0.1.5-210720-141020:*:*:*:*:*:*:*
cpe:2.3:h:siretta:quartz-gold:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:22

Type Values Removed Values Added
References () https://talosintelligence.com/vulnerability_reports/TALOS-2022-1613 - Exploit, Technical Description, Third Party Advisory () https://talosintelligence.com/vulnerability_reports/TALOS-2022-1613 - Exploit, Technical Description, Third Party Advisory
Summary
  • (es) Existen varias vulnerabilidades de desbordamiento del búfer basadas en pila en la funcionalidad de análisis del comando DetranCLI de Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. Un paquete de red especialmente manipulado puede provocar la ejecución de comandos arbitrarios. Un atacante puede enviar una secuencia de solicitudes para activar estas vulnerabilidades. Este desbordamiento del búfer se encuentra en la función que administra el comando 'no icmp check link WORD destination WORD interval &lt;1-255&gt; retries &lt;1-255&gt; description (WORD|null)'.

Information

Published : 2023-01-26 22:15

Updated : 2024-11-21 07:22


NVD link : CVE-2022-41002

Mitre link : CVE-2022-41002

CVE.ORG link : CVE-2022-41002


JSON object : View

Products Affected

siretta

  • quartz-gold_firmware
  • quartz-gold
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')