Total
3900 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-41022 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 7.2 HIGH |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn l2tp advanced name WORD dns (yes|no) mtu <128-16384> mru <128-16384> auth (on|off) password (WORD|null) options WORD' command temp ...
Show More |
|||||
| CVE-2022-41021 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 7.2 HIGH |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn l2tp advanced name WORD dns (yes|no) mtu <128-16384> mru <128-16384> auth (on|off) password (WORD|null) options WORD' command templat ...
Show More |
|||||
| CVE-2022-41020 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 7.2 HIGH |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn l2tp advanced name WORD dns (yes|no) mtu <128-16384> mru <128-16384> auth (on|off) password (WORD|null)' command template.
|
|||||
| CVE-2022-41019 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn l2tp advanced name WORD dns (yes|no) mtu <128-16384> mru <128-16384> auth (on|off) password (WORD|null)' command template.
|
|||||
| CVE-2022-41018 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|off) defroute (on|off) localip A.B.C.D' ...
Show More |
|||||
| CVE-2022-41017 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|off) defroute (on|off) localip A.B.C.D' co ...
Show More |
|||||
| CVE-2022-41016 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|off) defroute (on|off)' command templat ...
Show More |
|||||
| CVE-2022-41015 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|off) defroute (on|off)' command template.
|
|||||
| CVE-2022-41014 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no static dhcp mac WORD (WORD|null) ip A.B.C.D hostname (WORD|null) description (WORD|null)' command template.
|
|||||
| CVE-2022-41013 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'static dhcp mac WORD (WORD|null) ip A.B.C.D hostname (WORD|null) description (WORD|null)' command template.
|
|||||
| CVE-2022-41012 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no schedule link1 WORD link2 WORD policy (failover|backup) description (WORD|null)' command template.
|
|||||
| CVE-2022-41011 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'schedule link1 WORD link2 WORD policy (failover|backup) description (WORD|null)' command template.
|
|||||
| CVE-2022-41010 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no port triger protocol (tcp|udp|tcp/udp) triger port <1-65535> forward port <1-65535> description WORD' command template.
|
|||||
| CVE-2022-41009 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'port triger protocol (tcp|udp|tcp/udp) triger port <1-65535> forward port <1-65535> description WORD' command template.
|
|||||
| CVE-2022-41008 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no port redirect protocol (tcp|udp|tcp/udp) inport <1-65535> dstaddr A.B.C.D export <1-65535> description WORD' command template.
|
|||||
| CVE-2022-41007 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'port redirect protocol (tcp|udp|tcp/udp) inport <1-65535> dstaddr A.B.C.D export <1-65535> description WORD' command template.
|
|||||
| CVE-2022-41006 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no ip static route destination A.B.C.D gateway A.B.C.D mask A.B.C.D metric <0-10> interface (lan|wan|vpn) description WORD' command templ ...
Show More |
|||||
| CVE-2022-41005 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'ip static route destination A.B.C.D gateway A.B.C.D mask A.B.C.D metric <0-10> interface (lan|wan|vpn) description WORD' command template ...
Show More |
|||||
| CVE-2022-41004 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no ip nat outside source (udp|tcp|all) (WORD|null) WORD to A.B.C.D (WORD|null) description (WORD|null)' command template.
|
|||||
| CVE-2022-41003 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'ip nat outside source (udp|tcp|all) (WORD|null) WORD to A.B.C.D (WORD|null) description (WORD|null)' command template.
|
|||||
| CVE-2022-41002 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no icmp check link WORD destination WORD interval <1-255> retries <1-255> description (WORD|null)' command template.
|
|||||
| CVE-2022-41001 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'icmp check link WORD destination WORD interval <1-255> retries <1-255> description (WORD|null)' command template.
|
|||||
| CVE-2022-41000 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no gre index <1-8> tunnel A.B.C.D source (A.B.C.D|null) dest A.B.C.D keepalive (on|off) interval (<0-255>|null) retry (<0-255>|null) desc ...
Show More |
|||||
| CVE-2022-40999 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'gre index <1-8> tunnel A.B.C.D source (A.B.C.D|null) dest A.B.C.D keepalive (on|off) interval (<0-255>|null) retry (<0-255>|null) descrip ...
Show More |
|||||
| CVE-2022-40998 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no gre index <1-8> destination A.B.C.D/M description (WORD|null)' command template.
|
|||||
| CVE-2022-40997 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'gre index <1-8> destination A.B.C.D/M description (WORD|null)' command template.
|
|||||
| CVE-2022-40996 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no firmwall srcmac (WORD|null) srcip (A.B.C.D|null) dstip (A.B.C.D|null) protocol (none|tcp|udp|icmp) srcport (<1-65535>|null) dstport (< ...
Show More |
|||||
| CVE-2022-40995 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'firmwall srcmac (WORD|null) srcip (A.B.C.D|null) dstip (A.B.C.D|null) protocol (none|tcp|udp|icmp) srcport (<1-65535>|null) dstport (<1-6 ...
Show More |
|||||
| CVE-2022-40994 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no firmwall keyword WORD description (WORD|null)' command template.
|
|||||
| CVE-2022-40993 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'firmwall keyword WORD description (WORD|null)' command template.
|
|||||
| CVE-2022-40992 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no firmwall domain WORD description (WORD|null)' command template.
|
|||||
| CVE-2022-40991 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'firmwall domain WORD description (WORD|null)' command template.
|
|||||
| CVE-2022-40990 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no bandwidth WORD dlrate <1-9999> dlceil <1-9999> ulrate <1-9999> ulceil <1-9999> priority (highest|high|normal|low|lowest)' command temp ...
Show More |
|||||
| CVE-2022-40989 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'bandwidth WORD dlrate <1-9999> dlceil <1-9999> ulrate <1-9999> ulceil <1-9999> priority (highest|high|normal|low|lowest)' command templat ...
Show More |
|||||
| CVE-2022-40988 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'ipv6 static dns WORD WORD WORD' command template.
|
|||||
| CVE-2022-40987 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the '(ddns1|ddns2) username WORD password CODE' command template.
|
|||||
| CVE-2022-40986 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the '(ddns1|ddns2) mx WORD' command template.
|
|||||
| CVE-2022-40985 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-11-04 | N/A | 9.8 CRITICAL |
|
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the '(ddns1|ddns2) hostname WORD' command template.
|
|||||
| CVE-2022-3786 | 3 Fedoraproject, Nodejs, Openssl | 3 Fedora, Node.js, Openssl | 2025-11-04 | N/A | 7.5 HIGH |
|
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (deci ...
Show More |
|||||
| CVE-2020-9063 | 1 Ncr | 2 Aptra Xfs, Selfserv Atm | 2025-11-04 | 7.2 HIGH | 7.6 HIGH |
|
NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier do not authenticate or protect the integrity of USB HID communications between the currency dispenser and the host computer, permitting an attacker with physical access to internal ATM components the ability to inject a malicious payload and execute arbitrary code with SYSTEM privileges on the host computer by causing a buffer overflow on the host.
|
|||||