Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
circontrol vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2018-17918
Circontrol CirCarLife all versions before 4.3.1, authentication to the device can be bypassed by entering the URL of a specific page.
Circontrol Circarlife Firmware
445
VMScore
CVE-2018-17922
Circontrol CirCarLife all versions before 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication.
Circontrol Circarlife Firmware
505
VMScore
CVE-2018-12634
CirCarLife Scada prior to 4.3 allows remote malicious users to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.
Circontrol Circarlife Scada
1 EDB exploit
445
VMScore
CVE-2018-12635
CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to the html/upgrade.html and services/system/firmware.upgrade URIs.
Circontrol Scada 4.2.4
446
VMScore
CVE-2018-16668
An issue exists in CIRCONTROL CirCarLife prior to 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository.
Circontrol Circarlife Scada
446
VMScore
CVE-2018-16670
An issue exists in CIRCONTROL CirCarLife prior to 4.3. There is PLC status disclosure due to lack of authentication for /html/devstat.html.
Circontrol Circarlife Scada
446
VMScore
CVE-2018-16671
An issue exists in CIRCONTROL CirCarLife prior to 4.3. There is system software information disclosure due to lack of authentication for /html/device-id.
Circontrol Circarlife Scada
356
VMScore
CVE-2018-16672
An issue exists in CIRCONTROL CirCarLife prior to 4.3. Due to the storage of multiple sensitive information elements in a JSON format at /services/system/setup.json, an authenticated but unprivileged user can exfiltrate critical setup information.
Circontrol Circarlife Scada
445
VMScore
CVE-2018-16669
An issue exists in CIRCONTROL Open Charge Point Protocol (OCPP) prior to 1.5.0, as used in CirCarLife, PowerStudio, and other products. Due to storage of credentials in XML files, an unprivileged user can look at /services/config/config.xml for the admin credentials of the ocpp a...
Circontrol Open Charge Point Protocol
NA
CVE-2020-8006
The server in Circontrol Raption up to and including 5.11.2 has a pre-authentication stack-based buffer overflow that can be exploited to gain run-time control of the device as root. The ocpp1.5 and pwrstudio binaries on the charging station do not use a number of common exploita...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »