Circle with Disney Firmware 2.0.1: Remote Control Backdoor Vulnerability

Circle with Disney Firmware 2.0.1: Remote Control Backdoor Vulnerability

CVE-2017-12084 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:P

A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. A specific set of network packets can remotely start an SSH server on the device, resulting in a persistent backdoor. An attacker can send an API call to enable the SSH server.

Learn more about our Cis Benchmark Audit For Server Software.