PT-2017-15593 · Disney · Circle With Disney
Publicado
2017-11-07
·
Atualizado
2022-06-03
·
CVE-2017-2883
CVSS v2.0
9.3
Crítica
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Circle with Disney version 2.0.1
Description
An issue exists in the database update functionality, allowing specially crafted network packets to cause the device to execute arbitrary code. An attacker must impersonate a remote server to trigger this issue.
Recommendations
For Circle with Disney version 2.0.1, consider restricting access to the database update functionality until a patch is available. As a temporary workaround, limit the device's ability to connect to remote servers to minimize the risk of exploitation.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Circle With Disney