Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can use the SOAP API to retrieve and change sensitive configuration items such as the usernames and passwords for the Web and FTP servers. This vulnerability does not affect the i.LON 600 product.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HEchelon I.lon 100
HWEchelonwszystkie wersjeEchelon I.lon 100 Firmware
OSEchelonwszystkie wersjeEchelon Smartserver 1
HWEchelonwszystkie wersjeEchelon Smartserver 1 Firmware
OSEchelonwszystkie wersjeEchelon Smartserver 2
HWEchelonwszystkie wersjeEchelon Smartserver 2 Firmware
OSEchelon< 4.11.007
Related vulnerabilities
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versio...
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versio...
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versio...
Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow a...