Vulnerabilities (CVE)

Filtered by vendor Ericom Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-29152 1 Ericom 1 Powerterm Webconnect 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page.
CVE-2020-24548 1 Ericom 1 Access Server 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Ericom Access Server 9.2.0 (for AccessNow and Ericom Blaze) allows SSRF to make outbound WebSocket connection requests on arbitrary TCP ports, and provides "Cannot connect to" error messages to inform the attacker about closed ports.
CVE-2014-3913 1 Ericom 1 Accessnow Server 2024-11-21 10.0 HIGH N/A
Stack-based buffer overflow in AccessServer32.exe in Ericom AccessNow Server allows remote attackers to execute arbitrary code via a request for a non-existent file.