CVE-2018-16668

MEDIUM NUCLEI

CIRCONTROL CirCarLife <4.3 - Info Disclosure

Title source: llm

Description

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository.

Exploits (1)

exploitdb WORKING POC

by SadFud · pythonwebappshardware

https://www.exploit-db.com/exploits/45384

View Code ZIP pw:eip

Nuclei Templates (1)

CirCarLife <4.3 - Improper Authentication

MEDIUMby geeknik

References (2)

[Exploit, Third Party Advisory] https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/45384/

Scores

CVSS v3 5.3

EPSS 0.5218

EPSS Percentile 97.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-287

Status published

Products (1)

circontrol/circarlife_scada < 4.3

Published Sep 18, 2018

Tracked Since Feb 18, 2026