2 matches found
CVE-2018-16672
The CVE-2018-16672 entry concerns CirControl CirCarLife prior to version 4.3. An authenticated but unprivileged user can exfiltrate critical setup information due to storing multiple sensitive information elements in JSON at /services/system/setup.json. This information disclosure is described ac...
CirCarLife SCADA 4.3.0 Credential Disclosure
Exploit Title: CirCarLife SCADA 4.3.0 - Credential Disclosure Date: 2018-09-10 Exploit Author: David Castro Vendor Homepage: https://circontrol.com/ Shodan Dork: Server: CirCarLife Server: PsiOcppApp Version: CirCarLife Scada all versions under 4.3.0 OCPP implementation all versions under 1.5.0 C...