CVE-2019-25251

Name of the Vulnerable Software and Affected Versions Teradek VidiU Pro version 3.0.3

Description The software contains a server-side request forgery issue in the management interface. Attackers can manipulate GET parameters url and xml url to bypass firewalls, perform network enumeration, and potentially initiate HTTP requests to arbitrary destinations.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.