Описание
Cross Site Scripting (XSS) vulnerability in Teradek Brik firmware version 7.2.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address this issue.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 7.2.0 (включая) до 7.2.2 (включая)
Одновременно
cpe:2.3:o:teradek:brik_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:teradek:brik:-:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00062
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
около 3 лет назад
** UNSUPPORTED WHEN ASSIGNED ** Cross Site Scripting (XSS) vulnerability in Teradek Brik firmware version 7.2.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address this issue.
EPSS
Процентиль: 20%
0.00062
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79