CVE-2018-10627
- EPSS 0.25%
- Veröffentlicht 24.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:41
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can use the SOAP API to retrieve and change sensitive configuration items such as the usernames ...
CVE-2018-8851
- EPSS 0.22%
- Veröffentlicht 24.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:14:27
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices store passwords in plaintext, which may allow an attacker with access to the configuration file ...
CVE-2018-8855
- EPSS 0.15%
- Veröffentlicht 24.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:14:27
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices allow unencrypted Web connections by default, and devices can receive configuration and firmware...
CVE-2018-8859
- EPSS 0.31%
- Veröffentlicht 24.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:14:28
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can bypass the required authentication specified in the security configuration file by including...