Circle with Disney Firmware 2.0.1 WiFi Access Point Default Credentials Vulnerability

Circle with Disney Firmware 2.0.1 WiFi Access Point Default Credentials Vulnerability

CVE-2017-12095 · LOW Severity

AV:A/AC:L/AU:N/C:N/I:P/A:N

An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney running firmware 2.0.1. A series of WiFi packets can force Circle to setup an Access Point with default credentials. An attacker needs to send a series of spoofed "de-auth" packets to trigger this vulnerability.

Learn more about our Web Application Penetration Testing UK.