Cross Site Scripting (XSS) vulnerability in GBCOM LAC WEB Control Center version lac-1.3.x, allows malicious users to create an arbitrary device.
gbcom lac web control center lac-1.3.x