CVE-2018-12634

CRITICAL NUCLEI

CirCarLife Scada <4.3 - Info Disclosure

Title source: llm

Description

CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.

Exploits (1)

exploitdb WORKING POC

by SadFud · pythonwebappshardware

https://www.exploit-db.com/exploits/45384

View Code ZIP pw:eip

Nuclei Templates (1)

CirCarLife Scada <4.3 - System Log Exposure

CRITICALby geeknik

References (3)

[Third Party Advisory] https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/45384/

[Third Party Advisory] https://www.seebug.org/vuldb/ssvid-97353

Scores

CVSS v3 9.8

EPSS 0.9245

EPSS Percentile 99.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-200

Status published

Products (1)

circontrol/circarlife_scada < 4.3

Published Jun 22, 2018

Tracked Since Feb 18, 2026