cbcvebase.
CVE-2018-12634
published 2018-06-22

CVE-2018-12634: CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.

PriorityP269critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
57.74%
99.0th percentile
CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.

Affected

1 ranges
VendorProductVersion rangeFixed in
circontrolcircarlife_scada< 4.34.3

Detection & IOCsextracted from sources · hover to see the quote

url/html/log
url/services/system/info.html
  • HTTP GET request to /html/log returning HTTP 200 with response header containing 'CirCarLife Scada' and body containing 'user.debug', 'user.info', and 'EVSE' indicates successful exploitation of the unauthenticated log exposure.
  • Response header value 'CirCarLife Scada' can be used to fingerprint vulnerable CirCarLife SCADA devices exposed on the internet.
  • Log response body keywords 'user.debug', 'user.info', and 'EVSE' (all present together) confirm sensitive system log disclosure from the charging station.
  • ·The vulnerability affects CirCarLife Scada versions before 4.3 only; version 4.3 and above are not affected.
  • ·No authentication is required to exploit this vulnerability — the sensitive URIs are directly accessible to unauthenticated remote attackers.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.