← back
CVE-2021-37376

CVE-2021-37376

EPSS 0.6%
Cross Site Scripting (XSS) vulnerability in Teradek Bond, Bond 2 and Bond Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address this issue.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://tbutler.org/2021/04/29/teradek-vulnerability-advisoryhttps://teradek.com/collections/cube2