Back to search
CVE-2018-8851
Published: Jul 24, 2018
Modified: Jun 2, 2026
PUBLISHED
Description
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices store passwords in plaintext, which may allow an attacker with access to the configuration file to log into the SmartServer web user interface.
| Vendor | Product | Versions |
|---|---|---|
Echelon | SmartServer 1 | affected all versions |
Echelon | SmartServer 2 | affected all versions prior to release 4.11.007 |
Echelon | i.LON 100 | affected all versions |
Echelon | i.LON 600 | affected all versions |
Weaknesses (CWE)
References
https://ics-cert.us-cert.gov/advisories/ICSA-18-200-03
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now