Skip to the content.

CVE-2023-25913 - Authentication Bypass in Danfoss AK-SM800A

CVE CVE-2023-25913
Discovered by
  • Jony Schats and Stan Plasmeijer (HackDefense)
Affected products
Product Affected Unaffected Unknown
Danfoss AK-SM800A = < 3.3
everything else
Page author Max van der Horst
CVSS Base score: 6.5 (MEDIUM)
Problem type(s) CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Last modified 21 Aug 2023 15:01


Because of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive information.

JSON version