CVE-2023-25915 - Remote Command Execution in Danfoss AK-SM800A
| CVE | CVE-2023-25915 | |||||||||||
| Case | DIVD-2023-00025 | |||||||||||
| Discovered by |
|
|||||||||||
| Credits |
|
|||||||||||
| Affected products |
|
|||||||||||
| Page author | Max van der Horst | |||||||||||
| CVSS |
Base score:
9.9
(CRITICAL) |
|||||||||||
| References |
|
|||||||||||
| Problem type(s) | CWE-20 Improper Input Validation | |||||||||||
| Solution(s) | Upgrade to the latest patch, which is version 3.3. | |||||||||||
| Last modified | 19 Aug 2023 15:42 |
Description
Due to improper input validation, a remote attacker could execute arbitrary commands on the target system.
JSON version