Lucene search
PRIOn knowledge basePRION:CVE-2021-37376HistoryFeb 03, 2023 - 6:15 p.m.
Cross site scripting
2023-02-0318:15:00
PRIOn knowledge base
www.prio-n.com
7
cross site scripting
teradek
bond firmware
arbitrary code
remote attackers
end of life
0.001 Low
EPSS
Percentile
30.3%
UNSUPPORTED WHEN ASSIGNED Cross Site Scripting (XSS) vulnerability in Teradek Bond, Bond 2 and Bond Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address this issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bond_2_firmware | ge | 7.3.0 | |
| bond_2_firmware | le | 7.3.19 | |
| bond_firmware | ge | 7.3.0 | |
| bond_firmware | le | 7.3.18 | |
| bond_pro_firmware | ge | 7.3.0 | |
| bond_pro_firmware | le | 7.3.19 |
Related
cve
cve
CVE-2021-37376
2023-02-03 18:15:12
cvelist
cvelist
CVE-2021-37376
2023-02-03 00:00:00
nvd
nvd
CVE-2021-37376
2023-02-03 18:15:12
vulnrichment
vulnrichment
CVE-2021-37376
2023-02-03 00:00:00