Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Goodcloud Security Vulnerabilities

cve
cve

CVE-2022-42054

Multiple stored cross-site scripting (XSS) vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Company Name and Description text fields.

5.4CVSS

5.3AI Score

0.001EPSS

2022-10-27 06:15 PM
24
5
cve
cve

CVE-2022-42055

Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 via the ping and traceroute tools allow attackers to read arbitrary files on the system.

6.5CVSS

6.8AI Score

0.001EPSS

2022-10-27 06:15 PM
24
2
cve
cve

CVE-2022-44211

In GL.iNet Goodcloud 1.1 Incorrect access control allows a remote attacker to access/change devices' settings.

7.4CVSS

7.4AI Score

0.002EPSS

2022-12-01 10:15 PM
27
cve
cve

CVE-2022-44212

In GL.iNet Goodcloud 1.0, insecure design allows remote attacker to access devices' admin panel.

5.9CVSS

5.7AI Score

0.002EPSS

2022-12-01 10:15 PM
25