CirCarLife <4.3 - Improper Authentication (CVE-2018-16671)

CirCarLife before 4.3 is susceptible to improper authentication. A system software information disclosure exists due to lack of authentication for /html/device-id. An attacker can obtain sensitive information, modify data, and/or execute unauthorized operations.

CirCarLife 4.3版本之前易受不恰当认证的影响。由于/html/device-id路径缺乏认证机制，存在系统软件信息泄露的风险。攻击者可获取敏感信息、修改数据或执行未授权操作。