Vulnerabilities > Ericom

DATE CVE VULNERABILITY TITLE RISK
2022-04-28 CVE-2022-29152 Cross-site Scripting vulnerability in Ericom Powerterm Webconnect 6.0
The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page.
network
low complexity
ericom CWE-79
6.1
2020-08-26 CVE-2020-24548 Server-Side Request Forgery (SSRF) vulnerability in Ericom Access Server 9.2.0
Ericom Access Server 9.2.0 (for AccessNow and Ericom Blaze) allows SSRF to make outbound WebSocket connection requests on arbitrary TCP ports, and provides "Cannot connect to" error messages to inform the attacker about closed ports.
network
low complexity
ericom CWE-918
5.3