Описание
Circontrol CirCarLife all versions prior to 4.3.1, authentication to the device can be bypassed by entering the URL of a specific page.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 4.3.1 (исключая)
Одновременно
cpe:2.3:o:circontrol:circarlife_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:circontrol:circarlife:-:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00055
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-288
CWE-287
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Circontrol CirCarLife all versions prior to 4.3.1, authentication to the device can be bypassed by entering the URL of a specific page.
EPSS
Процентиль: 17%
0.00055
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-288
CWE-287