UNSUPPORTED WHEN ASSIGNED Cross Site Scripting (XSS) vulnerability in Teradek Bond, Bond 2 and Bond Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address this issue.
CPE | Name | Operator | Version |
---|---|---|---|
bond_2_firmware | ge | 7.3.0 | |
bond_2_firmware | le | 7.3.19 | |
bond_firmware | ge | 7.3.0 | |
bond_firmware | le | 7.3.18 | |
bond_pro_firmware | ge | 7.3.0 | |
bond_pro_firmware | le | 7.3.19 |