CVE-2018-12635

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
22/06/2018
Last modified:
10/08/2018

Description

CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to the html/upgrade.html and services/system/firmware.upgrade URIs.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:circontrol:scada:4.2.4:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools