Ak Sm800a
by Danfoss
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-25913 | 0.00 | — | 0.00 | Aug 21, 2023 | Because of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive information. | |||
| CVE-2023-25914 | 0.00 | — | 0.00 | Aug 21, 2023 | Due to improper restriction, authenticated attackers could retrieve and read system files of the underlying server through the XML interface. The information that can be read can lead to a full system compromise. | |||
| CVE-2023-25915 | 0.00 | — | 0.01 | Aug 21, 2023 | Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system. |
- CVE-2023-25913Aug 21, 2023risk 0.00cvss —epss 0.00
Because of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive information.
- CVE-2023-25914Aug 21, 2023risk 0.00cvss —epss 0.00
Due to improper restriction, authenticated attackers could retrieve and read system files of the underlying server through the XML interface. The information that can be read can lead to a full system compromise.
- CVE-2023-25915Aug 21, 2023risk 0.00cvss —epss 0.01
Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system.