CVE-2023-25915
Remote Command Execution in Danfoss AK-SM800A
| CVE | CVE-2023-25915 | |||||||||||
| Title | Remote Command Execution in Danfoss AK-SM800A | |||||||||||
| Case | DIVD-2023-00025 | |||||||||||
| Credits |
|
|||||||||||
| Affected products |
|
|||||||||||
| CVSS |
Base score:
9.9
(CRITICAL) |
|||||||||||
| References |
|
|||||||||||
| Problem type(s) | CWE-20 Improper Input Validation | |||||||||||
| Date published | 19 Aug 2023 10:00 UTC | |||||||||||
| Last modified |
Description
Due to improper input validation, a remote attacker could execute arbitrary commands on the target system.
Solution(s)
Upgrade to the latest patch, which is version 3.3.
JSON version.