Lucene search
PRIOn knowledge basePRION:CVE-2021-37378HistoryFeb 03, 2023 - 6:15 p.m.
Cross site scripting
2023-02-0318:15:00
PRIOn knowledge base
www.prio-n.com
2
cross site scripting
teradek
cube pro
firmware
vulnerability
remote code execution
0.001 Low
EPSS
Percentile
30.4%
UNSUPPORTED WHEN ASSIGNED Cross Site Scripting (XSS) vulnerability in Teradek Cube and Cube Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address this issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cube_firmware | ge | 7.3.0 | |
| cube_firmware | le | 7.3.19 | |
| cube_pro_firmware | ge | 7.3.0 | |
| cube_pro_firmware | le | 7.3.16 |
Related
cve
cve
CVE-2021-37378
2023-02-03 18:15:13
cvelist
cvelist
CVE-2021-37378
2023-02-03 00:00:00
nvd
nvd
CVE-2021-37378
2023-02-03 18:15:13