CVE-2025-40842

High CVSS: 8.5

Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a
Cross-Site Scripting (XSS) vulnerability which, if exploited, can lead to
unauthorized disclosure and modification of certain information.

Vendor

Ericsson

Product

Indoor Connect 8855 Firmware

CWE

CWE-79

Yayın Tarihi

2026-03-25 14:16:30

Güncelleme

2026-03-27 18:27:30

Source Identifier

85b1779b-6ecd-4f52-bcc5-73eac4659dcf

KEV Date Added

Kategoriler

CWE-79 Indoor Connect 8855 Firmware HIGH Ericsson 2026

Referanslar

https://www.ericsson.com/en/about-us/security/psirt/CVE-2025-40842 https://www.ericsson.com/en/about-us/security/psirt/security-bulletin-indoorconnect-march-2026

Benzer Kayıtlar

High

CVE-2025-27260

Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special Elements vulnerability…

Medium

CVE-2025-40841

Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Request Forgery (CSRF) vulnerability which,…

Medium

CVE-2025-40843

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.…

Medium

CVE-2025-27258

Ericsson Network Manager (ENM) versions prior to ENM 25.1 GA contain a vulnerability, if exploited, can result in an esc…

Low

CVE-2025-27259

Ericsson Network Manager versions prior to ENM 25.2 GA contain a vulnerability that, if exploited, can exfiltrate limite…

High

CVE-2025-40836

Ericsson Indoor Connect 8855 contains an improper input validation vulnerability which if exploited can allow an attacke…