Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Meetcircle Subscribe
Filtered by product Circle With Disney Firmware
Total 23 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-12083 1 Meetcircle 2 Circle With Disney, Circle With Disney Firmware 2022-04-19 5.0 MEDIUM 5.3 MEDIUM
An exploitable information disclosure vulnerability exists in the apid daemon of the Circle with Disney running firmware 2.0.1. A specially crafted set of packets can make the Disney Circle dump strings from an internal database into an HTTP response. An attacker needs network connectivity to the Internet to trigger this vulnerability.
CVE-2017-12084 1 Meetcircle 2 Circle With Disney, Circle With Disney Firmware 2022-04-19 6.0 MEDIUM 6.6 MEDIUM
A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. A specific set of network packets can remotely start an SSH server on the device, resulting in a persistent backdoor. An attacker can send an API call to enable the SSH server.
CVE-2017-12085 1 Meetcircle 2 Circle With Disney, Circle With Disney Firmware 2022-04-19 7.5 HIGH 9.8 CRITICAL
An exploitable routing vulnerability exists in the Circle with Disney cloud infrastructure. A specially crafted packet can make the Circle cloud route a packet to any arbitrary Circle device. An attacker needs network connectivity to the Internet to trigger this vulnerability.