Medium severity5.4NVD Advisory· Published Feb 3, 2023· Updated Jun 17, 2026
CVE-2021-37379
CVE-2021-37379
Description
Cross Site Scripting (XSS) vulnerability in Teradek Sphere all firmware versions allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address this issue.
Affected products
2- Teradek/Spheredescription
Patches
Vulnerability mechanics
References
1- tbutler.org/2021/04/29/teradek-vulnerability-advisorynvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.