CVE-2017-12084
Circle with Disney firmware 2.0.1 has a backdoor via its remote control (rclient) functionality. CVE-2017-12084 can be triggered by a specific set of network packets to remotely start an SSH server (Dropbear) on the device, creating a persistent backdoor. Exploitation path involves the Apid remot...