CVE-2021-37377

Name of the Vulnerable Software and Affected Versions Teradek Brik versions 7.2.x and earlier

Description A Cross Site Scripting (XSS) issue allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. The product has reached End of Life and will not receive firmware updates to address this issue.

Recommendations For Teradek Brik versions 7.2.x and earlier, as a temporary workaround, consider restricting access to the System Information Settings to minimize the risk of exploitation. Additionally, avoid using the Friendly Name field in the affected settings until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.