CVE-2018-8859EPSS p72.3%

CVE-2018-8859CVE-2018-8859

echelon / smartserver_1_firmware

Description

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can bypass the required authentication specified in the security configuration file by including extra characters in the directory name when specifying the directory to be accessed. This vulnerability does not affect the i.LON 600 product.

Scoring

CVSS 9.8 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS1.58% probability of exploitation · percentile 72.3% · 2026-06-19T12:03:05Z
Last modified2026-06-02

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2018-8851
CVE
CVE-2018-8855
CVE
CVE-2018-10627
CVE
CVE-2025-34186
CVE
Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability
CVE
CVE-2026-5786
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.