VYPR

Circle With Disney Firmware

by Meetcircle

CVEs (22)

  • CVE-2017-2911MedNov 7, 2017
    risk 0.38cvss 5.9epss 0.01

    An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1. SSL certificates for specific domain names can cause the rclient daemon to accept a different certificate than intended. An attacker can host an HTTPS server…

  • CVE-2017-12083MedNov 7, 2017
    risk 0.38cvss 5.8epss 0.01

    An exploitable information disclosure vulnerability exists in the apid daemon of the Circle with Disney running firmware 2.0.1. A specially crafted set of packets can make the Disney Circle dump strings from an internal database into an HTTP response. An attacker needs network…

Page 2 of 2