CVE-2021-37379

Name of the Vulnerable Software and Affected Versions Teradek Sphere all firmware versions

Description The issue allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. This is a Cross Site Scripting (XSS) issue. The vendor states that the product has reached End of Life and will not be receiving any firmware updates to address this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.