Remote Code Execution Vulnerability in Circle with Disney Firmware 2.0.1

Remote Code Execution Vulnerability in Circle with Disney Firmware 2.0.1

CVE-2017-2883 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

An exploitable vulnerability exists in the database update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the device to execute arbitrary code. An attacker needs to impersonate a remote server in order to trigger this vulnerability.

Learn more about our Cis Benchmark Audit For Server Software.