CISA has published an advisory on a cross-site scripting vulnerability in Systech NDS-5000 Terminal Server. NDS/5008 (8 Port, RJ45), firmware Version 02D.30 is affected. Successful exploitation of this vulnerability could allow information disclosure, limit system availability, and may allow remote code execution. Systech released firmware Version 02F.6 that eliminates this vulnerability. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.