CVE-2023-22586 HIGH

CVE-2023-22586: Local File Inclusion in Danfoss AK-EM100

Vendor Danfoss
Product AK-EM100
Weakness CWE-200 · Info exposure
Published June 11, 2023
Last update January 9, 2025
View on NVD All CVEs

CVSS base score

7.7/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

What the vulnerability does

01Description

The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file parameter.

Key dates

02Disclosure timeline

June 11, 2023 CVE published
January 9, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-47264 Discourse: Don't leak restricted tag group names via tag info CVE-2024-13640 Print Invoice & Delivery Notes for WooCommerce <= 5.4.1 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory CVE-2025-30291 ColdFusion | Information Exposure (CWE-200) CVE-2024-13525 Customer Email Verification for WooCommerce <= 2.9.4 - Authenticated (Contributor+) Sensitive Information Exposure CVE-2023-33933 Apache Traffic Server: s3_auth plugin problem with hash calculation