Cross Site Scripting (XSS) vulnerability in Teradek Cube and Cube Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address this issue.
References
Link | Resource |
---|---|
https://tbutler.org/2021/04/29/teradek-vulnerability-advisory | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-02-03T00:00:00
Updated: 2023-02-03T00:00:00
Reserved: 2021-07-21T00:00:00
Link: CVE-2021-37378
JSON object: View
NVD Information
Status : Modified
Published: 2023-02-03T18:15:13.267
Modified: 2024-05-17T01:59:12.753
Link: CVE-2021-37378
JSON object: View
Redhat Information
No data.
CWE