Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2018/04/05 7:29 p.m.1 views

CVE-2017-12095

An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney running firmware 2.0.1. A series of WiFi packets can force Circle to setup an Access Point with default credentials. An attacker needs to send a series of spoofed "de-auth" packets to trigger this...

6.5CVSS5.8AI score
Exploits0References1
OSV
OSVadded 2017/11/07 4:29 p.m.2 views

CVE-2017-2915

An exploitable vulnerability exists in the WiFi configuration functionality of Circle with Disney running firmware 2.0.1. A specially crafted SSID can cause the device to execute arbitrary shell commands. An attacker needs to send a couple of HTTP requests and setup an access point reachable by t...

8CVSS6AI score0.00114EPSS
Exploits2References1
OSV
OSVadded 2017/11/07 4:29 p.m.2 views

CVE-2017-2883

An exploitable vulnerability exists in the database update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the device to execute arbitrary code. An attacker needs to impersonate a remote server in order to trigger this vulnerability...

8.1CVSS6AI score
Exploits0References1
OSV
OSVadded 2017/11/07 4:29 p.m.1 views

CVE-2017-2898

An exploitable vulnerability exists in the signature verification of the firmware update functionality of Circle with Disney. Specially crafted network packets can cause an unsigned firmware to be installed in the device resulting in arbitrary code execution. An attacker can send a series of...

7.5CVSS6AI score
Exploits0References1
CVE
CVEadded 2017/11/07 4:0 p.m.54 views

CVE-2017-12085

CVE-2017-12085 is the Circle with Disney cloud routing vulnerability disclosed in TALOS-2017-0437. The issue enables an attacker with Internet connectivity to cause the Circle cloud to route a packet to an arbitrary Circle device via the cloud API and token-based routing mechanism. The attack cha...

9.8CVSS9.3AI score0.01455EPSS
Exploits2References1Affected Software1
Cvelist
Cvelistadded 2017/11/07 4:0 p.m.17 views

CVE-2017-2914

An exploitable authentication bypass vulnerability exists in the API daemon of Circle with Disney running firmware 2.0.1. A specially crafted token can bypass the authentication routine of the Apid binary, causing the device to grant unintended administrative access. An attacker needs network...

9CVSS8.2AI score0.0054EPSS
Exploits2References1
Talos
Talosadded 2017/10/31 12:0 a.m.34 views

Circle with Disney configure.xml Notifications Command Injection Vulnerability

Summary An exploitable vulnerability exists in the notifications functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause an OS command injection. An attacker can send an HTTP request trigger this vulnerability. Tested Versions Circle with Disney 2.0...

9.9CVSS9.1AI score0.03989EPSS
Exploits2
Rows per page
Query Builder