15 matches found
CVE-2021-37379
Cross Site Scripting XSS vulnerability in Teradek Sphere all firmware versions allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address...
PT-2024-13409 · Itop +1 · Itop +1
Name of the Vulnerable Software and Affected Versions: iTop versions prior to 3.1.1 iTop versions prior to 3.2.0 Description: The issue allows an XSS attack to be performed when an object is displayed as an n:n relation item in another object, by filling malicious code in an object friendlyname o...
CVE-2021-37379
Cross Site Scripting XSS vulnerability in Teradek Sphere all firmware versions allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address...
CVE-2021-37378
Cross Site Scripting XSS vulnerability in Teradek Cube and Cube Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any...
CVE-2021-37376
Cross Site Scripting XSS vulnerability in Teradek Bond, Bond 2 and Bond Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving...
CVE-2021-37373
Cross Site Scripting XSS vulnerability in Teradek Slice 1st generation firmware 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware...
PT-2023-12312 · Teradek · Teradek Vidiu Mini +1
Name of the Vulnerable Software and Affected Versions: Teradek VidiU / VidiU Mini versions 3.0.8 and earlier Description: A Cross Site Scripting XSS issue allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. The product has reached End of Life...
PT-2023-12313 · Teradek · Bond Pro +2
Name of the Vulnerable Software and Affected Versions: Teradek Bond, Bond 2 and Bond Pro versions 7.3.x and earlier Description: A Cross Site Scripting XSS issue allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. The vendor states that the...
Teradek Clip 跨站脚本漏洞
Teradek Clip is Teradek's video signal transmitter for drones with encoding and wireless signal transmission. A security vulnerability exists in Teradek Clip. An attacker could use this vulnerability to execute arbitrary code via the Friendly Name field in System Information Settings...
Teradek Bond 跨站脚本漏洞
Teradek Bond is Teradek's portable, real-time streaming media delivery solution. A security vulnerability exists in Teradek Bond version 7.3.x and prior versions. An attacker could exploit the vulnerability to execute arbitrary code via the Friendly Name field in System Information Settings...
Teradek Sphere 跨站脚本漏洞
Teradek Sphere is a real-time monitoring and streaming solution from Teradek. A security vulnerability exists in Teradek Sphere. An attacker could exploit the vulnerability to execute arbitrary code via the Friendly Name field in System Information Settings...
CVE-2021-37379
Cross Site Scripting XSS vulnerability in Teradek Sphere all firmware versions allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address...
CVE-2021-37375
Cross Site Scripting XSS vulnerability in Teradek VidiU / VidiU Mini firmware version 3.0.8 and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any...
Tasmota 跨站脚本漏洞
Tasmota is a replacement firmware for the ESP8266 with easy configuration using the webUI, OTA updates, automation using timers or rules, scalability, and full local control over MQTT, HTTP, serial or KNX. A security vulnerability exists in Tasmota firmware version 6.5.0 that could allow a remote...
PT-2023-12293 · Tasmota · Tasmota
Name of the Vulnerable Software and Affected Versions: Tasmota firmware version 6.5.0 Description: The issue allows remote attackers to inject JavaScript code via a crafted string in the Friendly Name 1 field. This enables Cross Site Scripting XSS attacks. Recommendations: For Tasmota firmware...