Echelon SmartServer 1 all versions, SmartServer 2 all...
Critical severity
Unreviewed
Published
May 13, 2022
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
Jul 24, 2018
Published to the GitHub Advisory Database
May 13, 2022
Last updated
Feb 1, 2023
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices store passwords in plaintext, which may allow an attacker with access to the configuration file to log into the SmartServer web user interface.
References