Description
CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to the html/upgrade.html and services/system/firmware.upgrade URIs.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.seebug.org/vuldb/ssvid-97353
Scores
CVSS v3
7.5
EPSS
0.0089
EPSS Percentile
55.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-20
Status
published
Products (1)
circontrol/scada
4.2.4
Published
Jun 22, 2018
Tracked Since
Feb 18, 2026