Metrics
Affected Vendors & Products
Solution
CIRCUTOR Q-SMT, in its firmware version 1.0.5, effectively solved the potential threat. CIRCUTOR made the new version available to its customers privately and strongly recommends them to keep their equipment updated.
Workaround
No workaround given by the vendor.
Tue, 15 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Tue, 01 Oct 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Circutor
Circutor q-smt Circutor q-smt Firmware |
|
Weaknesses | NVD-CWE-Other | |
CPEs | cpe:2.3:h:circutor:q-smt:-:*:*:*:*:*:*:* cpe:2.3:o:circutor:q-smt_firmware:1.0.4:*:*:*:*:*:*:* |
|
Vendors & Products |
Circutor
Circutor q-smt Circutor q-smt Firmware |
Wed, 18 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 18 Sep 2024 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An attacker with access to the network where the CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could obtain legitimate credentials or steal sessions due to the fact that the device only implements the HTTP protocol. This fact prevents a secure communication channel from being established. | |
Title | Insertion of Sensitive Information Into Sent Data vulnerability on CIRCUTOR Q-SMT | |
Weaknesses | CWE-201 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: INCIBE
Published:
Updated: 2024-09-18T14:36:22.074Z
Reserved: 2024-09-16T10:20:31.758Z
Link: CVE-2024-8890

Updated: 2024-09-18T14:36:18.428Z

Status : Analyzed
Published: 2024-09-18T13:15:03.620
Modified: 2024-10-01T15:46:33.750
Link: CVE-2024-8890

No data.

No data.