CVE-2017-2882

High CVSS 8.1

Overview

An exploitable vulnerability exists in the servers update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the device to overwrite sensitive files, resulting in code execution. An attacker needs to impersonate a remote server in order to trigger this vulnerability.

CWE: N/A Published: 2017-11-07T16:29:00.543

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 8.1 (HIGH)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags