PT-2018-14270 · Circontrol · Circarlife
Alim Solmaz
+4
·
Published
2018-11-02
·
Updated
2019-10-09
·
CVE-2018-17918
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Circontrol CirCarLife versions prior to 4.3.1
Description
The issue allows authentication to the device to be bypassed by entering the URL of a specific page.
Recommendations
For versions prior to 4.3.1, update to version 4.3.1 or later to resolve the issue.
Fix
Authentication Bypass Using an Alternate Path or Channel
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Circarlife