Vulnerability Details CVE-2022-41030
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no wlan filter mac address WORD descript WORD' command template.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.2%
CVSS Severity
CVSS v3 Score 7.2
References
Products affected by CVE-2022-41030
-
cpe:2.3:h:siretta:quartz-gold:-
-
cpe:2.3:o:siretta:quartz-gold_firmware:g5.0.1.5-210720-141020