IDCVSSSummaryLast (major) updatePublished
CVE-2018-16672 4.0
An issue was discovered in CIRCONTROL CirCarLife before 4.3. Due to the storage of multiple sensitive information elements in a JSON format at /services/system/setup.json, an authenticated but unprivileged user can exfiltrate critical setup informati
20-12-2018 - 14:58 26-09-2018 - 17:29
CVE-2018-17918 7.5
Circontrol CirCarLife all versions prior to 4.3.1, authentication to the device can be bypassed by entering the URL of a specific page.
09-10-2019 - 23:37 02-11-2018 - 15:29
CVE-2018-16668 5.0
An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository.
07-12-2018 - 18:18 18-09-2018 - 20:29
CVE-2018-17922 5.0
Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication.
09-10-2019 - 23:37 02-11-2018 - 15:29
Back to Top Mark selected
Back to Top