CSRF in Ericsson Indoor Connect 8855

CVE-2025-40841

Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Request Forgery (CSRF) vulnerability which, if exploited, can lead to unauthorized modification of certain information.

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.000 (4.9th percentile) — read the EPSS interpretation.

Affected products

Ericsson Indoor Connect 8855 — versions 0

Weakness classification (CWE)

CWE-352 — Cross-Site Request Forgery (CSRF)

References