High severity8.8NVD Advisory· Published Nov 7, 2017· Updated May 13, 2026
CVE-2017-2890
CVE-2017-2890
Description
An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause an OS command injection. An attacker can send an HTTP request trigger this vulnerability.
Affected products
2- cpe:2.3:o:meetcircle:circle_with_disney_firmware:2.0.1:*:*:*:*:*:*:*
- Circle Media/Circlev5Range: firmware 2.0.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.talosintelligence.com/vulnerability_reports/TALOS-2017-0397nvdThird Party Advisory
News mentions
0No linked articles in our index yet.