Back to search
CVE-2018-10627
Published: Jul 24, 2018
Modified: Jun 2, 2026
PUBLISHED
Description
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can use the SOAP API to retrieve and change sensitive configuration items such as the usernames and passwords for the Web and FTP servers. This vulnerability does not affect the i.LON 600 product.
| Vendor | Product | Versions |
|---|---|---|
Echelon | SmartServer 1 | affected all versions |
Echelon | SmartServer 2 | affected all versions prior to release 4.11.007 |
Echelon | i.LON 100 | affected all versions |
Echelon | i.LON 600 | affected all versions |
Weaknesses (CWE)
References
https://ics-cert.us-cert.gov/advisories/ICSA-18-200-03
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now