Ericsson Indoor Connect 8855
8 CVEs affecting Ericsson Indoor Connect 8855. Latest disclosed: 2026-03-25. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-40838 | High | 7.5 | 2025-09-25 | Ericsson Indoor Connect 8855 contains a vulnerability where server-side security can be bypassed in the client which if exploited can lead to unauthorized disc… |
CVE-2025-40842 | | 2026-03-25 | Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Scripting (XSS) vulnerability which, if exploited, can lead to unauthorized disclo… | |
CVE-2025-40841 | | 2026-03-25 | Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Request Forgery (CSRF) vulnerability which, if exploited, can lead to unauthorized… | |
CVE-2025-27260 | | 2026-03-25 | Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special Elements vulnerability which, if exploited, can lead to unauth… | |
CVE-2025-40837 | | 2025-09-25 | Ericsson Indoor Connect 8855 contains a missing authorization vulnerability which if exploited can allow access to the system as a user with higher privileges… | |
CVE-2025-40836 | | 2025-09-25 | Ericsson Indoor Connect 8855 contains an improper input validation vulnerability which if exploited can allow an attacker to execute commands with escalated pr… | |
CVE-2025-27262 | | 2025-09-25 | Ericsson Indoor Connect 8855 contains a command injection vulnerability which if exploited can result in an escalation of privileges. | |
CVE-2025-27261 | | 2025-09-25 | Ericsson Indoor Connect 8855 contains an SQL injection vulnerability which if exploited can result in unauthorized disclosure or modification of data. |