cvedb.io
CVE-2018-4860
HIGH · CVSS 7.2
EPSS exploitation probability: 0%
Published 2018-06-26T18:29:00.980 · Last modified 2026-06-17T01:59:11.120

Summary

A vulnerability has been identified in SCALANCE M875 (All versions). An authenticated remote attacker with access to the web interface (443/tcp), could execute arbitrary operating system commands. Successful exploitation requires that the attacker has network access to the web interface. The attacker must be authenticated as administrative user to exploit the security vulnerability. The vulnerability could allow an attacker to execute arbitrary code on the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

Affected products

siemens — scalance_m875_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when siemens ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.