CVE-2018-16670

MEDIUM EXPLOITED NUCLEI

CIRCONTROL CirCarLife <4.3 - Info Disclosure

Title source: llm

Exploitation Summary

CVE-2018-16670 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including SadFud. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit targets CirCarLife SCADA systems (versions < 4.3.0) and PsiOcppApp (versions < 1.5.0) to disclose sensitive information, including admin credentials, via multiple endpoints. It leverages CVE-2018-12634 and related CVEs to extract software versions, PLC statuses, installation paths, and GPRS modem details.

Description

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is PLC status disclosure due to lack of authentication for /html/devstat.html.

Exploits (1)

exploitdb WORKING POC

by SadFud · pythonwebappshardware

https://www.exploit-db.com/exploits/45384

View Code ZIP pw:eip

This exploit targets CirCarLife SCADA systems (versions < 4.3.0) and PsiOcppApp (versions < 1.5.0) to disclose sensitive information, including admin credentials, via multiple endpoints. It leverages CVE-2018-12634 and related CVEs to extract software versions, PLC statuses, installation paths, and GPRS modem details.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: CirCarLife SCADA < 4.3.0, PsiOcppApp < 1.5.0

No auth needed

Prerequisites: Network access to the target system · Exposed endpoints (e.g., /html/log, /services/system/info.html)

MITRE ATT&CK

T1592 - Gather Victim Host Information T1087 - Account Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

CirCarLife <4.3 - Improper Authentication

MEDIUMby geeknik

References (2)

Core 2

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/45384/

Third Party Advisory x_refsource_misc

https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life

View Writeup ZIP pw:eip

Scores

CVSS v3 5.3

EPSS 0.2475

EPSS Percentile 97.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

VulnCheck KEV 2025-06-09

CWE

CWE-287

Status published

Products (1)

circontrol/circarlife_scada < 4.3

Published Sep 18, 2018

Tracked Since Feb 18, 2026