Vulnerabilities > Circontrol > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-02 | CVE-2018-17922 | Information Exposure Through Log Files vulnerability in Circontrol Circarlife Firmware 4.3 Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication. | 9.8 |
| 2018-11-02 | CVE-2018-17918 | Improper Authentication vulnerability in Circontrol Circarlife Firmware 4.3 Circontrol CirCarLife all versions prior to 4.3.1, authentication to the device can be bypassed by entering the URL of a specific page. | 9.8 |
| 2018-09-18 | CVE-2018-16669 | Insufficiently Protected Credentials vulnerability in Circontrol Open Charge Point Protocol 1.0.0 An issue was discovered in CIRCONTROL Open Charge Point Protocol (OCPP) before 1.5.0, as used in CirCarLife, PowerStudio, and other products. | 9.8 |
| 2018-06-22 | CVE-2018-12634 | Information Exposure vulnerability in Circontrol Circarlife Scada CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI. | 9.8 |