CVE-2018-8851
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-8851
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices store passwords in plaintext, which may allow an attacker with access to the configuration file to log into the SmartServer web user interface.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
明文存储口令
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Echelon产品安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Echelon SmartServer 1等都是美国Echelon公司的产品。Echelon SmartServer 1是一款多功能控制器,它支持楼宇自动化控制和企业能源管理等。i.LON 100是一款网络服务器,它主要用于配置和监控LonWorks设备。 多款Echelon产品中存在安全漏洞,该漏洞源于程序将密码存储为明文形式。攻击者可利用该漏洞登录到SmartServer Web用户界面。以下产品和版本受到影响:Echelon SmartServer 1(全部版本);SmartServer 2 4.1
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Echelon | SmartServer 1 | all versions | - | |
| Echelon | SmartServer 2 | all versions prior to release 4.11.007 | - | |
| Echelon | i.LON 100 | all versions | - | |
| Echelon | i.LON 600 | all versions | - |
II. Public POCs for CVE-2018-8851
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-8851
请登录查看更多情报信息。
- https://ics-cert.us-cert.gov/advisories/ICSA-18-200-03x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2018-8851
Same Patch Batch · Echelon · 2018-07-24 · 4 CVEs total
| CVE-2018-10627 | Echelon SmartServer 1、SmartServer 2和i.LON 100 信息泄露漏洞 | |
| CVE-2018-8855 | 多款Echelon产品安全漏洞 | |
| CVE-2018-8859 | Echelon SmartServer 1、SmartServer 2和i.LON 100 安全漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2018-8851
No comments yet