CVE-2022-41021

Name of the Vulnerable Software and Affected Versions Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020

Description The issue concerns stack-based buffer overflow vulnerabilities in the DetranCLI command parsing functionality. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities, specifically targeting the function that manages the 'vpn l2tp advanced name WORD dns (yes|no) mtu <128-16384> mru <128-16384> auth (on|off) password (WORD|null) options WORD' command template. The vpn l2tp advanced command template and its parameters, such as name, dns, mtu, mru, auth, password, and options, are involved in the vulnerability.

Recommendations For Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020, as a temporary workaround, consider restricting access to the DetranCLI command parsing functionality until a patch is available. Avoid using the vpn l2tp advanced command template and its associated parameters, such as name, dns, mtu, mru, auth, password, and options, in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.