38 matches found
CVE-2019-25252
Teradek VidiU Pro 3.0.3 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft malicious web pages that automatically submit password change requests to the device when a logged-in...
CVE-2019-25251
Teradek VidiU Pro 3.0.3 contains a server-side request forgery vulnerability in the management interface that allows attackers to manipulate GET parameters 'url' and 'xmlurl'. Attackers can exploit this flaw to bypass firewalls, initiate network enumeration, and potentially trigger external HTTP...
CVE-2019-25251
Teradek VidiU Pro 3.0.3 contains a server-side request forgery vulnerability in the management interface that allows attackers to manipulate GET parameters 'url' and 'xmlurl'. Attackers can exploit this flaw to bypass firewalls, initiate network enumeration, and potentially trigger external HTTP...
CVE-2019-25252
Teradek VidiU Pro 3.0.3 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft malicious web pages that automatically submit password change requests to the device when a logged-in...
CVE-2019-25252
CVE-2019-25252 affects Teradek VidiU Pro 3.0.3 with a cross-site request forgery that allows changing administrative passwords when a logged-in administrator visits a malicious page. The issue arises from insufficient request validation, enabling an attacker-controlled page to submit password-cha...
CVE-2019-25252 Teradek VidiU Pro 3.0.3 Cross-Site Request Forgery via Password Change
Teradek VidiU Pro 3.0.3 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft malicious web pages that automatically submit password change requests to the device when a logged-in...
CVE-2019-25252 Teradek VidiU Pro 3.0.3 Cross-Site Request Forgery via Password Change
Teradek VidiU Pro 3.0.3 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft malicious web pages that automatically submit password change requests to the device when a logged-in...
CVE-2019-25251 Teradek VidiU Pro 3.0.3 Server-Side Request Forgery via RTMP Settings
Teradek VidiU Pro 3.0.3 contains a server-side request forgery vulnerability in the management interface that allows attackers to manipulate GET parameters 'url' and 'xmlurl'. Attackers can exploit this flaw to bypass firewalls, initiate network enumeration, and potentially trigger external HTTP...
CVE-2019-25251 Teradek VidiU Pro 3.0.3 Server-Side Request Forgery via RTMP Settings
Teradek VidiU Pro 3.0.3 contains a server-side request forgery vulnerability in the management interface that allows attackers to manipulate GET parameters 'url' and 'xmlurl'. Attackers can exploit this flaw to bypass firewalls, initiate network enumeration, and potentially trigger external HTTP...
CVE-2019-25251
CVE-2019-25251 affects Teradek VidiU Pro 3.0.3. The vulnerability is a server-side request forgery in the management interface that allows manipulation of the GET parameters url and xml_url, enabling attackers to bypass firewalls, perform network enumeration, and potentially trigger external HTTP...
PT-2025-53337
Name of the Vulnerable Software and Affected Versions Teradek VidiU Pro version 3.0.3 Description The software contains a server-side request forgery issue in the management interface. Attackers can manipulate GET parameters url and xml url to bypass firewalls, perform network enumeration, and...
Teradek VidiU Pro 安全漏洞
Teradek VidiU Pro is a hardware live encoder from Teradek USA. A security vulnerability exists in Teradek VidiU Pro version 3.0.3 that stems from a lack of proper request validation and could lead to a cross-site request forgery attack...
PT-2025-53338
Name of the Vulnerable Software and Affected Versions Teradek VidiU Pro version 3.0.3 Description The Teradek VidiU Pro software contains a cross-site request forgery issue. This allows attackers to alter administrative passwords due to insufficient validation of requests. An attacker can create...
Teradek VidiU Pro 安全漏洞
Teradek VidiU Pro is a hardware live streaming encoder from Teradek USA. A security vulnerability exists in Teradek VidiU Pro version 3.0.3, which stems from the mishandling of the url and xmlurl parameters by the management interface, which could lead to a server-side request forgery attack...
CVE-2021-37375
Cross Site Scripting XSS vulnerability in Teradek VidiU / VidiU Mini firmware version 3.0.8 and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any...
CVE-2021-37375
Cross Site Scripting XSS vulnerability in Teradek VidiU / VidiU Mini firmware version 3.0.8 and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any...
CVE-2021-37375
Cross Site Scripting XSS vulnerability in Teradek VidiU / VidiU Mini firmware version 3.0.8 and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any...
Cross site scripting
UNSUPPORTED WHEN ASSIGNED Cross Site Scripting XSS vulnerability in Teradek VidiU / VidiU Mini firmware version 3.0.8 and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and wi...
PT-2023-12312 · Teradek · Teradek Vidiu Mini +1
Name of the Vulnerable Software and Affected Versions: Teradek VidiU / VidiU Mini versions 3.0.8 and earlier Description: A Cross Site Scripting XSS issue allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. The product has reached End of Life...
Teradek VidiU 跨站脚本漏洞
Teradek VidiU is Teradek's device for transmitting HD video signals over a network. A security vulnerability exists in Teradek VidiU / VidiU Mini firmware version 3.0.8 and earlier versions. An attacker can exploit the vulnerability to execute arbitrary code via the Friendly Name field in System...