CVE-2017-2890

2017-11-07T16:29:00
ID CVE-2017-2890
Type cve
Reporter cve@mitre.org
Modified 2017-11-27T23:25:00

Description

An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause an OS command injection. An attacker can send an HTTP request trigger this vulnerability.