CVE-2023-22586
Local File Inclusion in Danfoss AK-EM 100
| CVE | CVE-2023-22586 | |||||||||||
| Title | Local File Inclusion in Danfoss AK-EM 100 | |||||||||||
| Credits |
|
|||||||||||
| Affected products |
|
|||||||||||
| CVSS |
Base score:
7.4
(HIGH) |
|||||||||||
| References |
|
|||||||||||
| Problem type(s) | CWE-200 Exposure of Sensitive Information to an Unauthorized Actor | |||||||||||
| Date published | ||||||||||||
| Last modified |
Description
The Danfoss AK-EM 100 web applications allow for Local File Inclusion in the file parameter.
Workaround(s)
The AK-EM 100 has been declared End of Life (EOL). Danfoss advises phasing out this type of device.
JSON version.