Browse all 5 CVE security advisories affecting gopeak. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Gopeak develops network monitoring and security analytics tools for enterprise environments. Historically, the product has been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and access control weaknesses. While no major public security incidents have been documented, the five CVEs recorded reveal consistent patterns in authentication bypass and insecure deserialization vulnerabilities. The platform's complexity in handling network traffic increases its attack surface, particularly in API endpoints and data processing components. Security researchers note that while vulnerabilities are typically patched promptly, the recurring nature of certain flaw types suggests deeper architectural challenges in input sanitization and session management.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-7159 | gopeak MasterLab User.php update unrestricted upload — MasterLabCWE-434 | 4.7 | Medium | 2023-12-29 |
| CVE-2023-7147 | gopeak MasterLab User.php base64ImageContent unrestricted upload — MasterLabCWE-434 | 6.3 | Medium | 2023-12-29 |
| CVE-2023-7146 | gopeak MasterLab HTTP POST Request Feature.php sqlInjectDelete sql injection — MasterLabCWE-89 | 6.3 | Medium | 2023-12-29 |
| CVE-2023-7145 | gopeak MasterLab HTTP POST Request Framework.php sqlInject sql injection — MasterLabCWE-89 | 6.3 | Medium | 2023-12-29 |
| CVE-2023-7144 | gopeak MasterLab HTTP POST Request Feature.php sqlInject sql injection — MasterLabCWE-89 | 6.3 | Medium | 2023-12-29 |
This page lists every published CVE security advisory associated with gopeak. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.