Vulnerabilities > Circontrol

DATE CVE VULNERABILITY TITLE RISK
2018-11-02 CVE-2018-17922 Information Exposure Through Log Files vulnerability in Circontrol Circarlife Firmware 4.3
Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication.
network
low complexity
circontrol CWE-532
5.0
2018-11-02 CVE-2018-17918 Improper Authentication vulnerability in Circontrol Circarlife Firmware 4.3
Circontrol CirCarLife all versions prior to 4.3.1, authentication to the device can be bypassed by entering the URL of a specific page.
network
low complexity
circontrol CWE-287
7.5
2018-09-26 CVE-2018-16672 Information Exposure vulnerability in Circontrol Circarlife Scada
An issue was discovered in CIRCONTROL CirCarLife before 4.3.
network
low complexity
circontrol CWE-200
4.0
2018-09-18 CVE-2018-16671 Information Exposure vulnerability in Circontrol Circarlife Scada
An issue was discovered in CIRCONTROL CirCarLife before 4.3.
network
low complexity
circontrol CWE-200
5.0
2018-09-18 CVE-2018-16670 Improper Authentication vulnerability in Circontrol Circarlife Scada
An issue was discovered in CIRCONTROL CirCarLife before 4.3.
network
low complexity
circontrol CWE-287
5.0
2018-09-18 CVE-2018-16669 Insufficiently Protected Credentials vulnerability in Circontrol Open Charge Point Protocol
An issue was discovered in CIRCONTROL Open Charge Point Protocol (OCPP) before 1.5.0, as used in CirCarLife, PowerStudio, and other products.
network
low complexity
circontrol CWE-522
5.0
2018-09-18 CVE-2018-16668 Improper Authentication vulnerability in Circontrol Circarlife Scada
An issue was discovered in CIRCONTROL CirCarLife before 4.3.
network
low complexity
circontrol CWE-287
5.0
2018-06-22 CVE-2018-12635 Improper Input Validation vulnerability in Circontrol Scada 4.2.4
CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to the html/upgrade.html and services/system/firmware.upgrade URIs.
network
low complexity
circontrol CWE-20
5.0
2018-06-22 CVE-2018-12634 Information Exposure vulnerability in Circontrol Circarlife Scada
CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.
network
low complexity
circontrol CWE-200
5.0