CVE-2018-16668
Published 2018-09-18
Priority P343 · medium · CVSS 3.1: 5.3
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EXPLOIT
EPSS: 9.34% (94.8th percentile)
An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| circontrol | circarlife_scada | < 4.3 | 4.3 |
Detection & IOCs (extracted from sources)
- Send an unauthenticated HTTP GET request to /html/repository and check the response header for 'CirCarLife Scada' and the body for '** Platform sources **' and '** Application sources **'
- Presence of 'CirCarLife Scada' in HTTP response headers indicates a vulnerable CIRCONTROL CirCarLife SCADA device
- Response body containing both '** Platform sources **' and '** Application sources **' confirms unauthenticated access to internal installation path information
- Vulnerability affects CirCarLife SCADA versions strictly before 4.3; version 4.3 and above are not affected
CVSS provenance
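| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |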
No detection rules found.
Exploit-DB
CirCarLife SCADA 4.3.0 - Credential Disclosure
exploitdb·2018-09-12·CVSS 9.8
CVE-2018-12634 [CRITICAL] CirCarLife SCADA 4.3.0 - Credential Disclosure
---
```python
# Exploit Title: CirCarLife SCADA 4.3.0 - Credential Disclosure
# Date: 2018-09-10
# Exploit Author: David Castro
# Vendor Homepage: https://circontrol.com/
# Shodan Dork: Server: CirCarLife Server: PsiOcppApp
# Version: CirCarLife Scada all versions under 4.3.0 OCPP implementation all versions under 1.5.0
# CVE : CVE-2018-12634
'''
Description: Multiple information disclosure issues, including admin credentials disclosure
'''
import requests
from requests.auth import HTTPDigestAuth
from termcolor import colored
from bs4 import BeautifulSoup
import xml.etree.ElementTree as ET
import re
import json
import base64

# ASCII-art banner; the listing is cut off partway through it on this page
cabecera = '''
_.-="_- _
_.-=" _- | ||"""""""---._______ __..
___.===""""-.______-,,,,,,,,,,,,`-''----" """"" """"" __'
__.--"
'''
```
Nuclei
CirCarLife <4.3 - Improper Authentication
nuclei·CVSS 5.3
CVE-2018-16668 [MEDIUM] CirCarLife <4.3 - Improper Authentication
CirCarLife before 4.3 is susceptible to improper authentication. An internal installation path disclosure exists due to the lack of authentication for /html/repository. An attacker can obtain sensitive information, modify data, and/or execute unauthorized operations.
Template:
```yaml
id: CVE-2018-16668

info:
  name: CirCarLife <4.3 - Improper Authentication
  author: geeknik
  severity: medium
  description: CirCarLife before 4.3 is susceptible to improper authentication. An internal installation path disclosure exists due to the lack of authentication for /html/repository.System. An attacker can obtain sensitive information, modify data, and/or execute unauthorized operations.
  impact: |
    Successful exploitation of this vulnerability can lead to unautho
```
No writeups or analysis indexed.