Skip to the content.

CVE-2023-25914 - Path Traversal in Danfoss AK-SM800A

CVE CVE-2023-25914
Discovered by
  • Synacktiv
Affected products
Product Affected Unaffected Unknown
Danfoss AK-SM800A = < 3.3
everything else
Page author Max van der Horst
CVSS Base score: 9.9 (CRITICAL)
Problem type(s) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Last modified 18 Aug 2023 17:09


Due to improper restriction, attackers could retrieve and read system files of the underlying server through the XML interface.

JSON version