CVE-2022-36279

Name of the Vulnerable Software and Affected Versions Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020

Description A stack-based buffer overflow issue exists in the httpd delfile.cgi functionality. This can be triggered by a specially-crafted HTTP request, potentially leading to remote code execution.

Recommendations For version G5.0.1.5-210720-141020, consider restricting access to the delfile.cgi functionality until a patch is available. As a temporary workaround, avoid using the httpd service with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.