← back
CVE-2018-16672

CVE-2018-16672

EPSS 1.7%
An issue was discovered in CIRCONTROL CirCarLife before 4.3. Due to the storage of multiple sensitive information elements in a JSON format at /services/system/setup.json, an authenticated but unprivileged user can exfiltrate critical setup information.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-lifehttps://www.exploit-db.com/exploits/45384/