Filtered by vendor Danfoss
Subscriptions
Filtered by product Ak-em100 Firmware
Subscriptions
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-22582 | 1 Danfoss | 2 Ak-em100, Ak-em100 Firmware | 2024-08-06 | 9 Critical |
| The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting. | ||||
| CVE-2023-25911 | 1 Danfoss | 2 Ak-em100, Ak-em100 Firmware | 2024-08-06 | 9.9 Critical |
| The Danfoss AK-EM100 web applications allow for OS command injection through the web application parameters. | ||||
| CVE-2023-22586 | 1 Danfoss | 2 Ak-em100, Ak-em100 Firmware | 2024-08-06 | 7.4 High |
| The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file parameter. | ||||
| CVE-2023-25912 | 1 Danfoss | 2 Ak-em100, Ak-em100 Firmware | 2024-08-06 | 5 Medium |
| The webreport generation feature in the Danfoss AK-EM100 allows an unauthorized actor to generate a web report that discloses sensitive information such as the internal IP address, usernames and internal device values. | ||||
| CVE-2023-22584 | 1 Danfoss | 2 Ak-em100, Ak-em100 Firmware | 2024-08-06 | 7.5 High |
| The Danfoss AK-EM100 stores login credentials in cleartext. | ||||
| CVE-2023-22585 | 1 Danfoss | 2 Ak-em100, Ak-em100 Firmware | 2024-08-06 | 9 Critical |
| The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting in the title parameter. | ||||
| CVE-2023-22583 | 1 Danfoss | 2 Ak-em100, Ak-em100 Firmware | 2024-08-06 | 10 Critical |
| The Danfoss AK-EM100 web forms allow for SQL injection in the login forms. | ||||
Page 1 of 1.