Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Danfoss — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting Danfoss. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Danfoss specializes in manufacturing industrial automation and climate control solutions, with products widely deployed in critical infrastructure. Historically, their systems have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from inadequate input validation and authentication flaws. The company has faced scrutiny for security gaps in connected devices, with multiple CVEs exposing risks in web interfaces and communication protocols. While no major public incidents have been widely reported, the accumulation of 13 CVEs indicates persistent security challenges in their IoT and control systems, highlighting the need for robust patch management and secure development practices in industrial environments.

Top products by Danfoss: AK-EM100 AK-SM800A AK-SM8xxA Series AK-SM 8xxA Series
CVE IDTitleCVSSSeverityPublished
CVE-2025-41452 Post auth nginx configuration injection in Danfoss AK-SM8xxA Series — AK-SM8xxA SeriesCWE-15 5.3AIMediumAI2025-08-22
CVE-2025-41451 Post-Authentication OS Command Injection RCE in Danfoss AK-SM8xxA Series — AK-SM8xxA SeriesCWE-77 7.2AIHighAI2025-08-22
CVE-2025-41450 Authentication bypass with privileged access in Danfoss AK-SM 8xxA Series prior to version 4.2 — AK-SM 8xxA SeriesCWE-305 8.2 High2025-05-08
CVE-2023-25913 Authentication Bypass in Danfoss AK-SM800A — AK-SM800ACWE-200 7.5 High2023-08-21
CVE-2023-25914 Authneticated Path Traversal in Danfoss AK-SM800A — AK-SM800ACWE-22 8.8 High2023-08-21
CVE-2023-25915 Authenticated Remote Command Execution in Danfoss AK-SM800A — AK-SM800ACWE-20 9.9 Critical2023-08-21
CVE-2023-25911 Authenticated OS Command Injection in Danfoss AK-EM100 — AK-EM100CWE-77 9.9 Critical2023-06-11
CVE-2023-22583 SQL Injection in Danfoss AK-EM100 — AK-EM100CWE-89 10.0 Critical2023-06-11
CVE-2023-22586 Local File Inclusion in Danfoss AK-EM100 — AK-EM100CWE-200 7.7 High2023-06-11
CVE-2023-22585 Reflected Cross-Site Scripting in Danfoss AK-EM100 — AK-EM100CWE-79 9.0 Critical2023-06-11
CVE-2023-22584 Cleartext credentials in Danfoss AK-EM100 — AK-EM100CWE-312 7.5 High2023-06-11
CVE-2023-22582 Reflected Cross-Site Scripting in Danfoss AK-EM100 — AK-EM100CWE-79 9.0 Critical2023-06-11
CVE-2023-25912 Webreport disclosure to unauthorized actor in Danfoss AK-EM100 — AK-EM100CWE-200 5.3 Medium2023-06-11

This page lists every published CVE security advisory associated with Danfoss. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.