Vulnerabilities > Circontrol > Circarlife Firmware

DATE CVE VULNERABILITY TITLE RISK
2018-11-02 CVE-2018-17922 Information Exposure Through Log Files vulnerability in Circontrol Circarlife Firmware 4.3
Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication.
network
low complexity
circontrol CWE-532
critical
 9.8
9.8
2018-11-02 CVE-2018-17918 Improper Authentication vulnerability in Circontrol Circarlife Firmware 4.3
Circontrol CirCarLife all versions prior to 4.3.1, authentication to the device can be bypassed by entering the URL of a specific page.
network
low complexity
circontrol CWE-287
critical
 9.8
9.8