cvedb.io
CVE-2018-4861
MEDIUM · CVSS 4.9
EPSS exploitation probability: 0%
Published 2018-06-26T18:29:01.010 · Last modified 2026-06-17T01:59:11.223

Summary

A vulnerability has been identified in SCALANCE M875 (All versions). An authenticated remote attacker with access to the web interface (443/tcp), could potentially read and download arbitrary files from the device's file system. Successful exploitation requires that the attacker has network access to the web interface. The attacker must be authenticated as administrative user to exploit the security vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

Affected products

siemens — scalance_m875_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when siemens ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.