CVE-2022-41015

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|off) defroute (on|off)' command template.
References
Link Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1613 Exploit Technical Description Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1613 Exploit Technical Description Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siretta:quartz-gold_firmware:g5.0.1.5-210720-141020:*:*:*:*:*:*:*
cpe:2.3:h:siretta:quartz-gold:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:22

Type Values Removed Values Added
Summary
  • (es) Existen varias vulnerabilidades de desbordamiento del búfer basadas en pila en la funcionalidad de análisis del comando DetranCLI de Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. Un paquete de red especialmente manipulado puede provocar la ejecución de comandos arbitrarios. Un atacante puede enviar una secuencia de solicitudes para activar estas vulnerabilidades. Este desbordamiento del búfer se encuentra en la función que administra la plantilla de comando 'vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|off) defroute (on|off)'.
References () https://talosintelligence.com/vulnerability_reports/TALOS-2022-1613 - Exploit, Technical Description, Third Party Advisory () https://talosintelligence.com/vulnerability_reports/TALOS-2022-1613 - Exploit, Technical Description, Third Party Advisory

18 Oct 2023, 17:45

Type Values Removed Values Added
First Time Siretta quartz-gold
Siretta quartz-gold Firmware
CPE cpe:2.3:h:siretta:quartz-gold_router:-:*:*:*:*:*:*:*
cpe:2.3:o:siretta:quartz-gold_router_firmware:g5.0.1.5-210720-141020:*:*:*:*:*:*:*
cpe:2.3:o:siretta:quartz-gold_firmware:g5.0.1.5-210720-141020:*:*:*:*:*:*:*
cpe:2.3:h:siretta:quartz-gold:-:*:*:*:*:*:*:*

Information

Published : 2023-01-26 22:15

Updated : 2024-11-21 07:22


NVD link : CVE-2022-41015

Mitre link : CVE-2022-41015

CVE.ORG link : CVE-2022-41015


JSON object : View

Products Affected

siretta

  • quartz-gold_firmware
  • quartz-gold
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')