Vulnerabilities > Ericsson > High

DATE CVE VULNERABILITY TITLE RISK
2024-04-04 CVE-2024-25007 Improper Neutralization of Formula Elements in a CSV File vulnerability in Ericsson Network Manager 21.2/22.1/22.2
Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to code execution or information disclosure.
low complexity
ericsson CWE-1236
7.1
2023-12-07 CVE-2023-39909 Unspecified vulnerability in Ericsson Network Manager 21.2/22.1/22.2
Ericsson Network Manager before 23.2 mishandles Access Control and thus unauthenticated low-privilege users can access the NCM application.
network
low complexity
ericsson
8.8
2023-12-05 CVE-2022-47531 Unspecified vulnerability in Ericsson Evolved Packet Gateway 2.0/3.0
An issue was discovered in Ericsson Evolved Packet Gateway (EPG) versions 3.x before 3.25 and 2.x before 2.16, allows authenticated users to bypass system CLI and execute commands they are authorized to execute directly in the UNIX shell.
network
low complexity
ericsson
8.8
2003-12-31 CVE-2003-1442 Improper Authentication vulnerability in Ericsson Hm220Dp Adsl Modem
The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote attackers to gain access from the LAN side.
network
low complexity
ericsson CWE-287
7.5