Vulnerabilities > Danfoss > AK Em100 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-06-11 CVE-2023-25911 Command Injection vulnerability in Danfoss Ak-Em100 Firmware
The Danfoss AK-EM100 web applications allow for an authenticated user to perform OS command injection through the web application parameters.
network
low complexity
danfoss CWE-77
critical
 9.8
9.8
2023-06-11 CVE-2023-22583 SQL Injection vulnerability in Danfoss Ak-Em100 Firmware
The Danfoss AK-EM100 web forms allow for SQL injection in the login forms.
network
low complexity
danfoss CWE-89
critical
 9.8
9.8