PT-2026-35207

A vulnerability was determined in D-Link DGS-3420 1.50.018. This issue affects some unknown processing of the component System Information Settings Page. This manipulation of the argument System Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been...

D-Link DGS-3420 跨站脚本漏洞

The D-Link DGS-3420 is a managed Gigabit Ethernet switch designed for enterprise networks by D-Link Corporation. The version 1.50.018 of the D-Link DGS-3420 contains a cross-site scripting vulnerability. This vulnerability arises from improper handling of the System Name parameter in the System...

CVE-2021-37378

Cross Site Scripting XSS vulnerability in Teradek Cube and Cube Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any...

CVE-2021-37377

Cross Site Scripting XSS vulnerability in Teradek Brik firmware version 7.2.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates...

CVE-2021-37378

Cross Site Scripting XSS vulnerability in Teradek Cube and Cube Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any...

CVE-2021-37379

Cross Site Scripting XSS vulnerability in Teradek Sphere all firmware versions allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address...

CVE-2021-37373

Cross Site Scripting XSS vulnerability in Teradek Slice 1st generation firmware 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware...

CVE-2021-37373

Cross Site Scripting XSS vulnerability in Teradek Slice 1st generation firmware 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware...

CVE-2021-37373

Teradek Slice (1st generation) firmware 7.3.x and earlier is vulnerable to a Cross Site Scripting (XSS) flaw in the Friendly Name field of System Information Settings. The root cause is improper handling of input in that field, enabling an attacker to execute arbitrary code remotely. Exploitation...

CVE-2021-37373

Cross Site Scripting XSS vulnerability in Teradek Slice 1st generation firmware 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware...

CVE-2021-37374

Cross Site Scripting XSS vulnerability in Teradek Clip all firmware versions allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address...

CVE-2021-37375

Cross Site Scripting XSS vulnerability in Teradek VidiU / VidiU Mini firmware version 3.0.8 and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any...

CVE-2021-37379

Cross Site Scripting XSS vulnerability in Teradek Sphere all firmware versions allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address...

Teradek Slice 跨站脚本漏洞

Teradek Slice is a rackmount video decoder from Teradek. A security vulnerability exists in Teradek Slice 1st generation firmware version 7.3.x and earlier. An attacker could exploit the vulnerability to execute arbitrary code via the Friendly Name field in System Information Settings...

Teradek Sphere 跨站脚本漏洞

Teradek Sphere is a real-time monitoring and streaming solution from Teradek. A security vulnerability exists in Teradek Sphere. An attacker could exploit the vulnerability to execute arbitrary code via the Friendly Name field in System Information Settings...

PT-2023-12315 · Teradek · Teradek Cube Pro +1

Name of the Vulnerable Software and Affected Versions: Teradek Cube and Cube Pro versions 7.3.x and earlier Description: The issue allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. This is a result of a Cross Site Scripting XSS vulnerability...

PT-2023-12314 · Teradek · Teradek Brik

Name of the Vulnerable Software and Affected Versions: Teradek Brik versions 7.2.x and earlier Description: A Cross Site Scripting XSS issue allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. The product has reached End of Life and will not...