CVE-2022-40701 (quartz-gold_firmware)

A directory traversal vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to arbitrary file deletion. An attacker can send an HTTP request to trigger this vulnerability.

cve deletion directory directory traversal file http httpd request send trigger vulnerability