Lucene search

Danfoss Security Vulnerabilities

cve

CVE-2023-25915

Due to improper input validation, a remote attacker could execute arbitrary commands on the target...

9.9CVSS

9.6AI Score

0.001EPSS

2023-08-21 09:15 PM

cve

CVE-2023-25913

Because of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive...

7.7CVSS

7.4AI Score

0.001EPSS

2023-08-21 09:15 PM

cve

CVE-2023-25914

Due to improper restriction, attackers could retrieve and read system files of the underlying server through the XML...

9.9CVSS

7.4AI Score

0.001EPSS

2023-08-21 09:15 PM

cve

CVE-2023-22582

The Danfoss AK-EM100 web applications allow for Reflected Cross-Site...

9CVSS

6.3AI Score

0.001EPSS

2023-06-11 02:15 PM

cve

CVE-2023-25912

The webreport generation feature in the Danfoss AK-EM100 allows an unauthorized actor to generate a web report that discloses sensitive information such as the internal IP address, usernames and internal device...

5.3CVSS

5.1AI Score

0.001EPSS

2023-06-11 02:15 PM

cve

CVE-2023-22586

The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file...

7.5CVSS

7.5AI Score

0.003EPSS

2023-06-11 02:15 PM

cve

CVE-2023-22584

The Danfoss AK-EM100 stores login credentials in...

7.5CVSS

7.5AI Score

0.003EPSS

2023-06-11 02:15 PM

cve

CVE-2023-25911

The Danfoss AK-EM100 web applications allow for OS command injection through the web application...

9.9CVSS

9.7AI Score

0.001EPSS

2023-06-11 02:15 PM

cve

CVE-2023-22585

The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting in the title...

9CVSS

6.1AI Score

0.001EPSS

2023-06-11 02:15 PM

cve

CVE-2023-22583

The Danfoss AK-EM100 web forms allow for SQL injection in the login...

10CVSS

9.8AI Score

0.002EPSS

2023-06-11 02:15 PM