Skip to main content

Goodcloud

4 CVEs product

Monthly

CVE-2022-44212 MEDIUM This Month

In GL.iNet Goodcloud 1.0, insecure design allows remote attacker to access devices' admin panel. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Goodcloud
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2022-44211 HIGH This Week

In GL.iNet Goodcloud 1.1 Incorrect access control allows a remote attacker to access/change devices' settings. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Goodcloud
NVD
CVSS 3.1
7.4
EPSS
0.6%
CVE-2022-42055 MEDIUM POC This Month

Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 via the ping and traceroute tools allow attackers to read arbitrary files on the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Goodcloud
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2022-42054 MEDIUM POC This Month

Multiple stored cross-site scripting (XSS) vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 allow attackers to execute arbitrary web scripts or HTML via a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Goodcloud
NVD
CVSS 3.1
5.4
EPSS
0.5%
EPSS 1% CVSS 5.9
MEDIUM This Month

In GL.iNet Goodcloud 1.0, insecure design allows remote attacker to access devices' admin panel. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Goodcloud
NVD
EPSS 1% CVSS 7.4
HIGH This Week

In GL.iNet Goodcloud 1.1 Incorrect access control allows a remote attacker to access/change devices' settings. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Goodcloud
NVD
EPSS 2% CVSS 6.5
MEDIUM POC This Month

Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 via the ping and traceroute tools allow attackers to read arbitrary files on the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Goodcloud
NVD
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Multiple stored cross-site scripting (XSS) vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 allow attackers to execute arbitrary web scripts or HTML via a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Goodcloud
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy