CVE-2023-25913 - Authentication Bypass in Danfoss AK-SM800A
CVE | CVE-2023-25913 | |||||||||||
Discovered by |
|
|||||||||||
Credits |
|
|||||||||||
Affected products |
|
|||||||||||
Page author | Max van der Horst | |||||||||||
CVSS |
Base score:
6.5
(MEDIUM) |
|||||||||||
References |
|
|||||||||||
Problem type(s) | CWE-200 Exposure of Sensitive Information to an Unauthorized Actor | |||||||||||
Last modified | 21 Aug 2023 15:01 |
Description
Because of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive information.
JSON version