3 matches found
Circle with Disney Firmware Update Signature Check Bypass Vulnerability(CVE-2017-2898)
Summary An exploitable vulnerability exists in the signature verification of the firmware update functionality of Circle with Disney. Specially crafted network packets can cause an unsigned firmware to be installed in the device resulting in arbitrary code execution. An attacker can send a series...
CVE-2017-2898
An exploitable vulnerability exists in the signature verification of the firmware update functionality of Circle with Disney. Specially crafted network packets can cause an unsigned firmware to be installed in the device resulting in arbitrary code execution. An attacker can send a series of...
CVE-2017-2898
The CVE-2017-2898 entry describes a real, exploitable vulnerability in Circle with Disney’s firmware update signature verification. An attacker can abuse the UPLOAD_FIRMWARE flow to install unsigned firmware via crafted network requests, potentially achieving arbitrary code execution. The attack ...