Vulnerabilities > GL Inet > Goodcloud > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-01 | CVE-2022-44212 | Unspecified vulnerability in Gl-Inet Goodcloud In GL.iNet Goodcloud 1.0, insecure design allows remote attacker to access devices' admin panel. | 5.9 |
2022-10-27 | CVE-2022-42054 | Cross-site Scripting vulnerability in Gl-Inet Goodcloud 1.00.220412.00 Multiple stored cross-site scripting (XSS) vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Company Name and Description text fields. | 5.4 |
2022-10-27 | CVE-2022-42055 | OS Command Injection vulnerability in Gl-Inet Goodcloud 1.00.220412.00 Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 via the ping and traceroute tools allow attackers to read arbitrary files on the system. | 6.5 |