CVE-2018-16670

MEDIUM EXPLOITED NUCLEI

CIRCONTROL CirCarLife <4.3 - Info Disclosure

Title source: llm

Description

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is PLC status disclosure due to lack of authentication for /html/devstat.html.

Exploits (1)

exploitdb WORKING POC
by SadFud · pythonwebappshardware
https://www.exploit-db.com/exploits/45384

Nuclei Templates (1)

CirCarLife <4.3 - Improper Authentication
MEDIUMby geeknik

References (2)

Scores

CVSS v3 5.3
EPSS 0.4558
EPSS Percentile 97.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

VulnCheck KEV 2025-06-09
CWE
CWE-287
Status published
Products (1)
circontrol/circarlife_scada < 4.3
Published Sep 18, 2018
Tracked Since Feb 18, 2026