Ercom Cryptobox CVE-2026-0873
Lifecycle Timeline
2DescriptionCVE.org
On a Cryptobox platform where administrator segregation based on entities is used, some vulnerabilities in Ercom Cryptobox administration console allows an authenticated entity administrator with knowledge to elevate his account to global administrator.
Analysis
On a Cryptobox platform where administrator segregation based on entities is used, some vulnerabilities in Ercom Cryptobox administration console allows an authenticated entity administrator with knowledge to elevate his account to global administrator.
Technical ContextAI
Classified as CWE-79 (Cross-site Scripting (XSS)). On a Cryptobox platform where administrator segregation based on entities is used, some vulnerabilities in Ercom Cryptobox administration console allows an authenticated entity administrator with knowledge to elevate his account to global administrator.
Affected ProductsAI
On a Cryptobox platform where administrator segregation based on entities is used, some vulnerabilities in Ercom Cryptobox administration console allo
RemediationAI
Monitor vendor advisories for a patch. Implement output encoding and Content Security Policy headers.
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today