CVE-2017-2882
First published: Tue Nov 07 2017(Updated: )
An exploitable vulnerability exists in the servers update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the device to overwrite sensitive files, resulting in code execution. An attacker needs to impersonate a remote server in order to trigger this vulnerability.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Meetcircle Circle With Disney Firmware | =2.0.1 | |
| Meetcircle Circle With Disney |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2017-2882?
CVE-2017-2882 is classified as a high severity vulnerability due to its potential for remote code execution.
How do I fix CVE-2017-2882?
To mitigate CVE-2017-2882, users should update the Circle with Disney device to the latest firmware version released by the vendor.
What type of attack is possible due to CVE-2017-2882?
CVE-2017-2882 allows an attacker to execute arbitrary code by sending specially crafted network packets to the device.
Which devices are affected by CVE-2017-2882?
CVE-2017-2882 specifically affects Circle with Disney devices running firmware version 2.0.1.
What are the consequences of exploiting CVE-2017-2882?
Exploitation of CVE-2017-2882 can lead to overwriting sensitive files on the device, potentially causing unauthorized access.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/last-modified-date
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- agent/source
- vendor/meetcircle
- canonical/meetcircle circle with disney firmware
- version/meetcircle circle with disney firmware/2.0.1
- canonical/meetcircle circle with disney