Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 via the ping and traceroute tools allow attackers to read arbitrary files on the system.
References
Link | Resource |
---|---|
https://boschko.ca/glinet-router | Exploit Third Party Advisory |
Configurations
Information
Published : 2022-10-27 11:15
Updated : 2022-10-31 12:02
NVD link : CVE-2022-42055
Mitre link : CVE-2022-42055
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
gl-inet
- goodcloud