Telstra

**Name of the Vulnerable Software and Affected Versions** Ericsson Indoor Connect 8855 versions prior to 2025.Q3 **Description** The software contains an Improper Filtering of Special Elements issue. Exploitation of this issue could allow for unauthorized modification of certain information. **Recommendations** Update to version 2025.Q3 or later.

**Name of the Vulnerable Software and Affected Versions** Ericsson Indoor Connect 8855 versions prior to 2025.Q3 **Description** The software contains a Cross-Site Request Forgery (CSRF) issue. Successful exploitation could allow an attacker to modify certain information without authorization. **Recommendations** Update to version 2025.Q3 or later.

**Name of the Vulnerable Software and Affected Versions** Ericsson Indoor Connect 8855 versions prior to 2025.Q3 **Description** The Ericsson Indoor Connect 8855 software contains a Cross-Site Scripting (XSS) issue. Successful exploitation of this issue could allow unauthorized disclosure and modification of information. **Recommendations** Update Ericsson Indoor Connect 8855 to version 2025.Q3 or later.

**Name of the Vulnerable Software and Affected Versions** Ericsson Indoor Connect 8855 (affected versions not specified) **Description** The software contains a missing authorization check. Successful exploitation could allow an attacker to gain access to the system with elevated privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ericsson Indoor Connect 8855 (affected versions not specified) **Description** The software contains a SQL injection issue that could allow unauthorized disclosure and modification of user and configuration data. The issue involves a SQL injection point that could be exploited by an attacker. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ericsson Indoor Connect 8855 (affected versions not specified) **Description** The Ericsson Indoor Connect 8855 has a security issue where client-side server-side security checks can be bypassed. Successful exploitation of this issue could result in the unauthorized disclosure of user accounts. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ericsson Indoor Connect 8855 (affected versions not specified) **Description** The software contains a command injection issue that, if exploited, could result in a loss of data integrity and confidentiality. This could lead to the unauthorized disclosure and modification of user and configuration data. It may also be possible to execute commands with escalated privileges, impacting service availability and allowing modification of system files and configuration data. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ericsson Indoor Connect 8855 (affected versions not specified) **Description** The software contains an improper input validation issue. Successful exploitation could result in a loss of data integrity and confidentiality, potentially leading to unauthorized disclosure and modification of user and configuration data. It may also be possible to execute commands with escalated privileges, impact service availability, and modify system files and configuration data. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.