CVE-2023-25915 - Remote Command Execution in Danfoss AK-SM800A
CVE | CVE-2023-25915 | |||||||||||
Case | DIVD-2023-00025 | |||||||||||
Discovered by |
|
|||||||||||
Credits |
|
|||||||||||
Affected products |
|
|||||||||||
Page author | Max van der Horst | |||||||||||
CVSS |
Base score:
9.9
(CRITICAL) |
|||||||||||
References |
|
|||||||||||
Problem type(s) | CWE-20 Improper Input Validation | |||||||||||
Solution(s) | Upgrade to the latest patch, which is version 3.3. | |||||||||||
Last modified | 19 Aug 2023 15:42 |
Description
Due to improper input validation, a remote attacker could execute arbitrary commands on the target system.
JSON version