CVE-2025-41452

Post auth nginx configuration injection in Danfoss AK-SM8xxA Series

Description

Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow for a denial of service attack induced by improper handling of exceptional conditions

INFO

Published Date :

2025-08-22T02:40:53.563Z

Last Modified :

2025-08-22T10:52:36.122Z

Source :

Danfoss

AFFECTED PRODUCTS

The following products are affected by CVE-2025-41452 vulnerability.

Vendors	Products
Danfoss	Ak-sm8xxa Series

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-41452.

URL	Resource
https://www.danfoss.com/en/service-and-support/downloads/dcs/adap-kool-software/ak-sm-800a/#tab-overview

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability