Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2018-20467

Malware in sbrugna...

9.8CVSS9.5AI score0.01579EPSS
Exploits0References2
NVD
NVDadded 2018/07/24 5:29 p.m.18 views

CVE-2018-10627

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can use the SOAP API to retrieve and change sensitive configuration items such as the usernames and passwords for the Web and FTP servers. This...

9.8CVSS9.4AI score0.01225EPSS
Exploits0References1
OSV
OSVadded 2018/07/24 5:29 p.m.3 views

CVE-2018-8851

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices store passwords in plaintext, which may allow an attacker with access to the configuration file to log into the SmartServer web user interface...

9.8CVSS5.8AI score0.01297EPSS
Exploits0References1
NVD
NVDadded 2018/07/24 5:29 p.m.13 views

CVE-2018-8859

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can bypass the required authentication specified in the security configuration file by including extra characters in the directory name when...

9.8CVSS9.7AI score0.01579EPSS
Exploits0References1
Prion
Prionadded 2018/07/24 5:29 p.m.12 views

Default configuration

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices allow unencrypted Web connections by default, and devices can receive configuration and firmware updates by unsecure FTP...

7.5CVSS9.4AI score0.00827EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2018/07/24 5:0 p.m.14 views

CVE-2018-8851

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices store passwords in plaintext, which may allow an attacker with access to the configuration file to log into the SmartServer web user interface...

9.4AI score0.01297EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2018/07/24 12:0 a.m.4 views

PT-2018-18663

Name of the Vulnerable Software and Affected Versions Echelon SmartServer 1 versions all Echelon SmartServer 2 versions prior to 4.11.007 Echelon i.LON 100 versions all Echelon i.LON 600 versions all Description The issue concerns the storage of passwords in plaintext, which could allow an attack...

9.8CVSS7.7AI score0.01297EPSS
Exploits0References4
CNVD
CNVDadded 2018/07/20 12:0 a.m.3 views

Echelon SmartServer 1, SmartServer 2 and i.LON 100 Authentication Bypass Vulnerability

Echelon SmartServer 1, SmartServer 2 and i.LON 100 are all products of Echelon Corporation, USA. echelon SmartServer 1 and SmartServer 2 are multifunctional controllers, which support building automation control and enterprise energy management, etc. i.LON 100 is a network server, which is mainly...

9.8CVSS9.6AI score0.01579EPSS
Exploits0References1
Rows per page
Query Builder