Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25915 | 1 Danfoss | 2 Ak-sm 800a, Ak-sm 800a Firmware | 2024-11-21 | N/A | 9.9 CRITICAL |
| Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system. | |||||
| CVE-2023-25914 | 1 Danfoss | 2 Ak-sm 800a, Ak-sm 800a Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Due to improper restriction, authenticated attackers could retrieve and read system files of the underlying server through the XML interface. The information that can be read can lead to a full system compromise. | |||||
| CVE-2023-25913 | 1 Danfoss | 2 Ak-sm 800a, Ak-sm 800a Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Because of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive information. | |||||