Loading HuntDB...

GHSA-w3q2-qmr4-2x7c

GitHub Security Advisory

⚠ Unreviewed CRITICAL Has CVE

Advisory Details

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|off) defroute (on|off)' command template.

Related CVEs

Key Information

GHSA ID
GHSA-w3q2-qmr4-2x7c
Published
January 27, 2023 12:30 AM
Last Modified
February 3, 2023 6:30 PM
CVSS Score
9.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: July 6, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.