Skip to the content.

CVE-2023-25915 - Remote Command Execution in Danfoss AK-SM800A

CVE CVE-2023-25915
Case DIVD-2023-00025
Discovered by
  • Synacktiv
Affected products
Product Affected Unaffected Unknown
Danfoss AK-SM800A = < 3.3
everything else
Page author Max van der Horst
CVSS Base score: 9.9 (CRITICAL)
Problem type(s) CWE-20 Improper Input Validation
Solution(s) Upgrade to the latest patch, which is version 3.3.
Last modified 19 Aug 2023 15:42


Due to improper input validation, a remote attacker could execute arbitrary commands on the target system.

JSON version