What the vulnerability does
01Description
Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system.
CVE-2023-25915
CRITICAL
CVE-2023-25915: Authenticated Remote Command Execution in Danfoss AK-SM800A
CVSS base score
9.9/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Key dates
02Disclosure timeline
August 21, 2023
CVE published
January 9, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2021-20206
CVE-2026-20257 Improper Input Validation through Classic Dashboard CSS in Splunk Enterprise
CVE-2025-8097 WoodMart - Multipurpose WooCommerce Theme <= 8.2.6 - Improper Input Validation Leading to Unauthenticated Cart Manipulation
CVE-2023-21631 Improper Input Validation in Modem
CVE-2017-3849
