High severity7.5NVD Advisory· Published Nov 7, 2017· Updated May 13, 2026

CVE-2017-2898

Description

An exploitable vulnerability exists in the signature verification of the firmware update functionality of Circle with Disney. Specially crafted network packets can cause an unsigned firmware to be installed in the device resulting in arbitrary code execution. An attacker can send a series of packets to trigger this vulnerability.

Affected products

Circle Media/Circlev5
Range: firmware 2.0.1
Meetcircle/Circle With Disney Firmware
cpe:2.3:o:meetcircle:circle_with_disney_firmware:2.0.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.talosintelligence.com/vulnerability_reports/TALOS-2017-0405nvdExploitTechnical DescriptionThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000