Shodan
Vulnerabilities
Vulnerable Software
Gl-Inet:  Security Vulnerabilities
CVE-2022-44212
In GL.iNet Goodcloud 1.0, insecure design allows remote attacker to access devices' admin panel.
CVSS Score
5.9
EPSS Score
0.001
Published
2022-12-01
CVE-2022-42054
Multiple stored cross-site scripting (XSS) vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Company Name and Description text fields.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-10-27
CVE-2022-42055
Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 via the ping and traceroute tools allow attackers to read arbitrary files on the system.
CVSS Score
6.5
EPSS Score
0.01
Published
2022-10-27
CVE-2022-31898
gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the ping_addr and trace_addr function parameters.
CVSS Score
6.8
EPSS Score
0.357
Published
2022-10-27
CVE-2021-44148
GL.iNet GL-AR150 2.x before 3.x devices, configured as repeaters, allow cgi-bin/router_cgi?action=scanwifi XSS when an attacker creates an SSID with an XSS payload as the name.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-12-07
CVE-2019-6272
Command injection vulnerability in login_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.07
Published
2019-03-21
CVE-2019-6273
download_file in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to download arbitrary files.
CVSS Score
6.5
EPSS Score
0.072
Published
2019-03-21
CVE-2019-6274
Directory traversal vulnerability in storage_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to have unspecified impact via directory traversal sequences.
CVSS Score
8.8
EPSS Score
0.038
Published
2019-03-21
CVE-2019-6275
Command injection vulnerability in firmware_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.07
Published
2019-03-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved