← Back

Indoor Connect 8855 Firmware

indoor_connect_8855_firmware

Vendor: Ericsson • 8 CVEs

CVEs (8)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-40842
1Ericsson
1Indoor Connect 8855 Firmware
Mar 27, 2026
Mar 25, 2026
8.5 HIGH· v4
6.1 MEDIUM· v3
N/A· v2
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Scripting (XSS) vulnerability which, if exploited, can lead to unauthorized disclosure and modification of certain information.
CVE-2025-40841
1Ericsson
1Indoor Connect 8855 Firmware
Mar 27, 2026
Mar 25, 2026
5.1 MEDIUM· v4
4.3 MEDIUM· v3
N/A· v2
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Request Forgery (CSRF) vulnerability which, if exploited, can lead to unauthorized modification of certain information.
CVE-2025-27260
1Ericsson
1Indoor Connect 8855 Firmware
Mar 27, 2026
Mar 25, 2026
7.2 HIGH· v4
7.5 HIGH· v3
N/A· v2
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special Elements vulnerability which, if exploited, can lead to unauthorized modification of certain information
CVE-2025-40838
1Ericsson
1Indoor Connect 8855 Firmware
Apr 29, 2026
Sep 25, 2025
5.1 MEDIUM· v4
7.5 HIGH· v3
N/A· v2
Ericsson Indoor Connect 8855 contains a vulnerability where server-side security can be bypassed in the client which if exploited can lead to unauthorized disclosure of certain information.
CVE-2025-40837
1Ericsson
1Indoor Connect 8855 Firmware
Oct 2, 2025
Sep 25, 2025
8.7 HIGH· v4
8.8 HIGH· v3
N/A· v2
Ericsson Indoor Connect 8855 contains a missing authorization vulnerability which if exploited can allow access to the system as a user with higher privileges than intended.
CVE-2025-40836
1Ericsson
1Indoor Connect 8855 Firmware
Oct 2, 2025
Sep 25, 2025
8.7 HIGH· v4
9.8 CRITICAL· v3
N/A· v2
Ericsson Indoor Connect 8855 contains an improper input validation vulnerability which if exploited can allow an attacker to execute commands with escalated privileges.
CVE-2025-27262
1Ericsson
1Indoor Connect 8855 Firmware
Oct 2, 2025
Sep 25, 2025
8.5 HIGH· v4
7.8 HIGH· v3
N/A· v2
Ericsson Indoor Connect 8855 contains a command injection vulnerability which if exploited can result in an escalation of privileges.
CVE-2025-27261
1Ericsson
1Indoor Connect 8855 Firmware
Oct 2, 2025
Sep 25, 2025
8.7 HIGH· v4
9.8 CRITICAL· v3
N/A· v2
Ericsson Indoor Connect 8855 contains an SQL injection vulnerability which if exploited can result in unauthorized disclosure or modification of data.