PT-2018-14270 · Circontrol · Circarlife

Alim Solmaz

+4

·

Publicado

2018-11-02

·

Atualizado

2019-10-09

·

CVE-2018-17918

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Circontrol CirCarLife versions prior to 4.3.1
Description The issue allows authentication to the device to be bypassed by entering the URL of a specific page.
Recommendations For versions prior to 4.3.1, update to version 4.3.1 or later to resolve the issue.

Correção

Authentication Bypass Using an Alternate Path or Channel

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-288CWE-287

Identificadores relacionados

CVE-2018-17918

Produtos afetados

Circarlife