Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Ericsson Subscribe
Filtered by product Indoor Connect 8855
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-27260 1 Ericsson 2 Indoor Connect 8855, Indoor Connect 8855 Firmware 2026-03-27 N/A 7.5 HIGH
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special Elements vulnerability which, if exploited, can lead to unauthorized modification of certain information
CVE-2025-40841 1 Ericsson 2 Indoor Connect 8855, Indoor Connect 8855 Firmware 2026-03-27 N/A 4.3 MEDIUM
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Request Forgery (CSRF) vulnerability which, if exploited, can lead to unauthorized modification of certain information.
CVE-2025-40842 1 Ericsson 2 Indoor Connect 8855, Indoor Connect 8855 Firmware 2026-03-27 N/A 6.1 MEDIUM
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Scripting (XSS) vulnerability which, if exploited, can lead to unauthorized disclosure and modification of certain information.
CVE-2025-27262 1 Ericsson 2 Indoor Connect 8855, Indoor Connect 8855 Firmware 2025-10-02 N/A 7.8 HIGH
Ericsson Indoor Connect 8855 contains a command injection vulnerability which if exploited can result in an escalation of privileges.
CVE-2025-40836 1 Ericsson 2 Indoor Connect 8855, Indoor Connect 8855 Firmware 2025-10-02 N/A 9.8 CRITICAL
Ericsson Indoor Connect 8855 contains an improper input validation vulnerability which if exploited can allow an attacker to execute commands with escalated privileges.
CVE-2025-40837 1 Ericsson 2 Indoor Connect 8855, Indoor Connect 8855 Firmware 2025-10-02 N/A 8.8 HIGH
Ericsson Indoor Connect 8855 contains a missing authorization vulnerability which if exploited can allow access to the system as a user with higher privileges than intended.
CVE-2025-40838 1 Ericsson 2 Indoor Connect 8855, Indoor Connect 8855 Firmware 2025-10-02 N/A 7.5 HIGH
Ericsson Indoor Connect 8855 contains a vulnerability where server-side security can be bypassed in the client which if exploited can lead to unauthorized disclosure of certain information.
CVE-2025-27261 1 Ericsson 2 Indoor Connect 8855, Indoor Connect 8855 Firmware 2025-10-02 N/A 9.8 CRITICAL
Ericsson Indoor Connect 8855 contains an SQL injection vulnerability which if exploited can result in unauthorized disclosure or modification of data.