Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

59 matches found

NVD
NVDadded 2018/09/18 8:29 p.m.16 views

CVE-2018-16670

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is PLC status disclosure due to lack of authentication for /html/devstat.html...

5.3CVSS5.3AI score0.45583EPSS
Exploits5References2
Prion
Prionadded 2018/09/18 8:29 p.m.13 views

Design/Logic Flaw

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository...

5CVSS5.6AI score0.52182EPSS
Exploits5References2Affected Software1
OSV
OSVadded 2018/09/18 8:29 p.m.1 views

CVE-2018-16668

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository...

5.3CVSS5.8AI score
Exploits0References2
Prion
Prionadded 2018/09/18 8:29 p.m.15 views

Open redirect

An issue was discovered in CIRCONTROL Open Charge Point Protocol OCPP before 1.5.0, as used in CirCarLife, PowerStudio, and other products. Due to storage of credentials in XML files, an unprivileged user can look at /services/config/config.xml for the admin credentials of the ocpp and circarlife...

5CVSS9.4AI score0.00934EPSS
Exploits5References2Affected Software1
NVD
NVDadded 2018/09/18 8:29 p.m.13 views

CVE-2018-16668

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository...

5.3CVSS5.3AI score0.52182EPSS
Exploits5References2
Prion
Prionadded 2018/09/18 8:29 p.m.12 views

Information disclosure

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is system software information disclosure due to lack of authentication for /html/device-id...

5CVSS5.5AI score0.42489EPSS
Exploits5References2Affected Software1
Prion
Prionadded 2018/09/18 8:29 p.m.19 views

Design/Logic Flaw

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is PLC status disclosure due to lack of authentication for /html/devstat.html...

5CVSS5.6AI score0.45583EPSS
Exploits5References2Affected Software1
Cvelist
Cvelistadded 2018/09/18 8:0 p.m.13 views

CVE-2018-16669

An issue was discovered in CIRCONTROL Open Charge Point Protocol OCPP before 1.5.0, as used in CirCarLife, PowerStudio, and other products. Due to storage of credentials in XML files, an unprivileged user can look at /services/config/config.xml for the admin credentials of the ocpp and circarlife...

9.5AI score0.00934EPSS
Exploits5References2
Cvelist
Cvelistadded 2018/09/18 8:0 p.m.12 views

CVE-2018-16668

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository...

5.8AI score0.52182EPSS
Exploits5References2
CVE
CVEadded 2018/09/18 8:0 p.m.55 views

CVE-2018-16669

The CVE-2018-16669 entry concerns CIRCONTROL’s Open Charge Point Protocol (OCPP) implementations used in CirCarLife, PowerStudio, and similar products. The issue arises from storing admin credentials in XML files, allowing an unprivileged user to read /services/config/config.xml and obtain OCPP/c...

9.8CVSS9.4AI score0.00934EPSS
Exploits5References2Affected Software1
Cvelist
Cvelistadded 2018/09/18 8:0 p.m.18 views

CVE-2018-16670

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is PLC status disclosure due to lack of authentication for /html/devstat.html...

5.7AI score0.45583EPSS
Exploits5References2
Cvelist
Cvelistadded 2018/09/18 8:0 p.m.8 views

CVE-2018-16671

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is system software information disclosure due to lack of authentication for /html/device-id...

5.6AI score0.42489EPSS
Exploits5References2
CVE
CVEadded 2018/09/18 8:0 p.m.83 views

CVE-2018-16671

CirCarLife before 4.3 is affected by CVE-2018-16671 due to improper authentication for /html/device-id, causing system software information disclosure. Affected component is the CirCarLife web interface; root cause is lack of authentication on the device-id endpoint, enabling an unauthenticated u...

5.3CVSS6.1AI score0.42489EPSS
Exploits5References2Affected Software1
CVE
CVEadded 2018/09/18 8:0 p.m.80 views

CVE-2018-16670

CVE-2018-16670 affects CIRCONTROL CirCarLife prior to 4.3. The issue is improper authentication that allows disclosure of PLC status information via the unauthenticated access to /html/devstat.html. Reported details indicate an attacker can obtain sensitive PLC status data and, per some sources, ...

5.3CVSS6.2AI score0.45583EPSS
Exploits5References2Affected Software1
CVE
CVEadded 2018/09/18 8:0 p.m.82 views

CVE-2018-16668

CVE-2018-16668 affects CirControl CirCarLife before 4.3. The issue is improper authentication that allows an internal installation path disclosure via /html/repository, potentially enabling attackers to obtain sensitive information and perform unauthorized operations. Nuclei/Nuclei-style template...

5.3CVSS6.3AI score0.52182EPSS
Exploits5References2Affected Software1
0day.today
0day.todayadded 2018/09/16 12:0 a.m.84 views

CirCarLife SCADA 4.3.0 - Credential Disclosure Exploit

Exploit for hardware platform in category web applications Exploit Title: CirCarLife SCADA 4.3.0 - Credential Disclosure Exploit Author: David Castro Vendor Homepage: https://circontrol.com/ Shodan Dork: Server: CirCarLife Server: PsiOcppApp Version: CirCarLife Scada all versions under 4.3.0 OCPP...

5CVSS6.6AI score0.92448EPSS
Exploits10
exploitpack
exploitpackadded 2018/09/12 12:0 a.m.46 views

CirCarLife SCADA 4.3.0 - Credential Disclosure

CirCarLife SCADA 4.3.0 - Credential Disclosure Exploit Title: CirCarLife SCADA 4.3.0 - Credential Disclosure Date: 2018-09-10 Exploit Author: David Castro Vendor Homepage: https://circontrol.com/ Shodan Dork: Server: CirCarLife Server: PsiOcppApp Version: CirCarLife Scada all versions under 4.3.0...

5CVSS5.7AI score0.92448EPSS
Exploits10
CNVD
CNVDadded 2018/06/22 12:0 a.m.3 views

CirCarLife Scada Information Disclosure Vulnerability

Circontrol CirCarLife Scada is a parking lot automation system from Circontrol, Spain. A security vulnerability exists in Circontrol CirCarLife Scada version 4.2.4. A remote attacker can exploit this vulnerability by sending a direct request to the html/log or services/system/info.html URIs to...

9.8CVSS9.2AI score0.92448EPSS
Exploits5References1
CNVD
CNVDadded 2018/06/22 12:0 a.m.3 views

CirCarLife Scada Unauthorized Upgrade Vulnerability

Circontrol CirCarLife Scada is a parking lot automation system from Circontrol, Spain. A security vulnerability exists in Circontrol CirCarLife Scada version 4.2.4. The vulnerability can be exploited to disclose sensitive information by sending requests to the html/upgrade.html and...

7.5CVSS7.3AI score0.00237EPSS
Exploits0References1
Rows per page
Query Builder