EricomCVEs & Vulnerabilities
3 CVEs affecting Ericom products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
3 CVEs→ All vendors
Most Affected Products
accessnow server 1access server 1powerterm webconnect 1
CVE-2022-29152MEDIUM
The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page.
28 Apr 2022
6.1
CVSS
CVE-2020-24548MEDIUM
Ericom Access Server 9.2.0 (for AccessNow and Ericom Blaze) allows SSRF to make outbound WebSocket connection requests on arbitrary TCP ports, and provides "Cannot connect to" error messages to inform the attacker about closed ports.
26 Aug 2020
5.3
CVSS
CVE-2014-3913CRITICALpoc
Stack-based buffer overflow in AccessServer32.exe in Ericom AccessNow Server allows remote attackers to execute arbitrary code via a request for a non-existent file.
4 Jun 2014
10.0
CVSS
← PrevPage 1 / 1Next →