GCVE - cpe:2.3:h:danfoss:ak-sm_800a:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:danfoss:ak-sm_800a:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Danfoss (`4a381c1e-2f85-5f8c-b4e6-c3ced60eda9c`)
Product	Ak Sm 800A (`2b87d388-eff7-5e36-8a34-4929caef37a5`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-25915`	not_vulnerable	2026-06-08 05:56:10.765978	Authenticated Remote Command Execution in Danfoss AK-SM800A CRITICAL (9.9) Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system. Published: 2023-08-21T20:30:02.375Z Updated: 2025-01-09T07:56:40.947Z Open on db.gcve.eu Reference links https://csirt.divd.nl/CVE-2023-25915 https://csirt.divd.nl/DIVD-2023-00025	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-25914`	not_vulnerable	2026-06-08 05:56:10.764107	Authneticated Path Traversal in Danfoss AK-SM800A HIGH (8.8) Due to improper restriction, authenticated attackers could retrieve and read system files of the underlying server through the XML interface. The information that can be read can lead to a full system compromise. Published: 2023-08-21T20:30:03.122Z Updated: 2025-07-19T05:15:44.063Z Open on db.gcve.eu Reference links https://csirt.divd.nl/CVE-2023-25914 https://csirt.divd.nl/DIVD-2023-00025	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-25914`	vulnerable	2026-06-08 05:56:10.763881	Authneticated Path Traversal in Danfoss AK-SM800A HIGH (8.8) Due to improper restriction, authenticated attackers could retrieve and read system files of the underlying server through the XML interface. The information that can be read can lead to a full system compromise. Published: 2023-08-21T20:30:03.122Z Updated: 2025-07-19T05:15:44.063Z Open on db.gcve.eu Reference links https://csirt.divd.nl/CVE-2023-25914 https://csirt.divd.nl/DIVD-2023-00025	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-25913`	not_vulnerable	2026-06-08 05:56:10.763376	Authentication Bypass in Danfoss AK-SM800A HIGH (7.5) Because of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive information. Published: 2023-08-21T20:30:03.854Z Updated: 2025-01-09T07:56:41.147Z Open on db.gcve.eu Reference links https://csirt.divd.nl/CVE-2023-25913 https://csirt.divd.nl/DIVD-2023-00025	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.