CVE-2017-2912

Name of the Vulnerable Software and Affected Versions Circle with Disney version 2.0.1

Description A vulnerability exists in the remote control functionality due to issues with SSL certificates for specific domain names, causing the goclient daemon to accept a different certificate than intended. An attacker can exploit this by hosting an HTTPS server with the certificate.

Recommendations For Circle with Disney version 2.0.1, consider disabling the remote control functionality until a patch is available to prevent exploitation. Restrict access to the goclient daemon to minimize the risk of accepting unauthorized certificates.