CirCarLife Scada < v4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.
Due to a clear-text stored credentials, an unprivileged user can gain access to other services with higher privileges exploiting a flaw on Open Charge Point Protocol web implementation. All versions prior to <1.5.0 are vulnerable.
CirCarLife Scada < v4.3 allows remote authenticated attackers to obtain critical details about the carge station including credentials for GPRS Router.
An Information Exposure through Discrepancy vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200.