20 matches found
CVE-2018-25156
Teradek Cube 7.3.6 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft a malicious web page with a hidden form to submit password change requests to the device's system configuration...
CVE-2018-25156
Teradek Cube 7.3.6 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft a malicious web page with a hidden form to submit password change requests to the device's system configuration...
CVE-2018-25156
CVE-2018-25156 affects Teradek Cube 7.3.6. The vulnerability is a cross-site request forgery that lets an attacker change the device administrator password by luring a user to submit a hidden CSRF-form crafted request to the device’s system configuration interface. Impact is change of admin passw...
CVE-2018-25156 Teradek Cube 7.3.6 Cross-Site Request Forgery Password Change
Teradek Cube 7.3.6 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft a malicious web page with a hidden form to submit password change requests to the device's system configuration...
CVE-2018-25156 Teradek Cube 7.3.6 Cross-Site Request Forgery Password Change
Teradek Cube 7.3.6 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft a malicious web page with a hidden form to submit password change requests to the device's system configuration...
PT-2025-53376
Teradek Cube 7.3.6 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft a malicious web page with a hidden form to submit password change requests to the device's system configuration...
Teradek Cube 安全漏洞
Teradek Cube is a video decoder from Teradek. A security vulnerability exists in Teradek Cube version 7.3.6, which stems from vulnerability to a cross-site request forgery attack that could result in a change of the administrator password...
EUVD-2021-23947
Malware in sbrugna...
CVE-2021-37378
Cross Site Scripting XSS vulnerability in Teradek Cube and Cube Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any...
CVE-2021-37378
Cross Site Scripting XSS vulnerability in Teradek Cube and Cube Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any...
CVE-2021-37378
Cross Site Scripting XSS vulnerability in Teradek Cube and Cube Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any...
Teradek Cube 跨站脚本漏洞
Teradek Cube is a video decoder from Teradek. A security vulnerability exists in Teradek Cube version 7.3.x and prior versions. An attacker could exploit the vulnerability to execute arbitrary code via the Friendly Name field in System Information Settings...
PT-2023-12315 · Teradek · Teradek Cube Pro +1
Name of the Vulnerable Software and Affected Versions: Teradek Cube and Cube Pro versions 7.3.x and earlier Description: The issue allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. This is a result of a Cross Site Scripting XSS vulnerability...
CVE-2021-37378
CVE-2021-37378 affects Teradek Cube and Cube Pro firmware 7.3.x and earlier, via a Cross Site Scripting (XSS) flaw in the Friendly Name field of System Information Settings. The underlying issue permits arbitrary code execution by an attacker who can access the affected device over the network (p...
CVE-2021-37378
Cross Site Scripting XSS vulnerability in Teradek Cube and Cube Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any...
Teradek Cube 7.3.6 (snapshot.cgi) Stream Disclosure
Teradek Cube 7.3.6 snapshot.cgi Stream Disclosure Vendor: Teradek, LLC Product web page: https://www.teradek.com Affected version: Firmware Version: 7.3.6 build 26850 Hardware Version: 1.5 Teradek Firmware Version 7.3.15 Summary: Cube packs world-class video quality into a rugged, portable chassi...
Teradek Cube 7.3.6 Change Password Cross Site Request Forgery
...
Teradek Cube 7.3.6 - Cross-Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications i...
Teradek Cube 7.3.6 - Cross-Site Request Forgery
input type="submit"...
Teradek Cube 7.3.6 (snapshot.cgi) Stream Disclosure
Summary Cube packs world-class video quality into a rugged, portable chassis for quick IP video deployments at any location. Each encoder and decoder includes HDMI and 3G-SDI I/O, Ethernet / WiFI connectivity, and full duplex IFB. Description Cube suffers from an unauthenticated and unauthorized...