Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Gl-inet Subscribe
Total 10 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-44211 1 Gl-inet 1 Goodcloud 2022-12-06 N/A 7.4 HIGH
In GL.iNet Goodcloud 1.1 Incorrect access control allows a remote attacker to access/change devices' settings.
CVE-2022-44212 1 Gl-inet 1 Goodcloud 2022-12-06 N/A 5.9 MEDIUM
In GL.iNet Goodcloud 1.0, insecure design allows remote attacker to access devices' admin panel.
CVE-2022-31898 1 Gl-inet 4 Gl-ax1800, Gl-ax1800 Firmware, Gl-mt300n-v2 and 1 more 2022-11-01 N/A 6.8 MEDIUM
gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the ping_addr and trace_addr function parameters.
CVE-2022-42055 1 Gl-inet 1 Goodcloud 2022-10-31 N/A 6.5 MEDIUM
Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 via the ping and traceroute tools allow attackers to read arbitrary files on the system.
CVE-2022-42054 1 Gl-inet 1 Goodcloud 2022-10-31 N/A 5.4 MEDIUM
Multiple stored cross-site scripting (XSS) vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Company Name and Description text fields.
CVE-2021-44148 1 Gl-inet 2 Gl-ar150, Gl-ar150 Firmware 2021-12-08 4.3 MEDIUM 6.1 MEDIUM
GL.iNet GL-AR150 2.x before 3.x devices, configured as repeaters, allow cgi-bin/router_cgi?action=scanwifi XSS when an attacker creates an SSID with an XSS payload as the name.
CVE-2019-6273 1 Gl-inet 2 Gl-ar300m-lite, Gl-ar300m-lite Firmware 2020-08-24 4.0 MEDIUM 6.5 MEDIUM
download_file in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to download arbitrary files.
CVE-2019-6275 1 Gl-inet 2 Gl-ar300m-lite, Gl-ar300m-lite Firmware 2019-03-25 6.5 MEDIUM 8.8 HIGH
Command injection vulnerability in firmware_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code.
CVE-2019-6274 1 Gl-inet 2 Gl-ar300m-lite, Gl-ar300m-lite Firmware 2019-03-25 6.5 MEDIUM 8.8 HIGH
Directory traversal vulnerability in storage_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to have unspecified impact via directory traversal sequences.
CVE-2019-6272 1 Gl-inet 2 Gl-ar300m-lite, Gl-ar300m-lite Firmware 2019-03-25 6.5 MEDIUM 8.8 HIGH
Command injection vulnerability in login_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code.