Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authneticated Path Traversal in Danfoss AK-SM800A
Vulnerability Description
Due to improper restriction, authenticated attackers could retrieve and read system files of the underlying server through the XML interface. The information that can be read can lead to a full system compromise.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Danfoss AK-SM800A 路径遍历漏洞
Vulnerability Description
Danfoss AK-SM800A是丹麦Danfoss公司的一个系统管理器。提供安全的系统控制和监控 Danfoss AK-SM800A 3.3及之前版本存在安全漏洞,该漏洞源于限制不当,攻击者利用该漏洞可以通过XML接口检索并读取底层服务器的系统文件。
CVSS Information
N/A
Vulnerability Type
N/A