CVE-2017-2883
First published: Tue Nov 07 2017(Updated: )
An exploitable vulnerability exists in the database update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the device to execute arbitrary code. An attacker needs to impersonate a remote server in order to trigger this vulnerability.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Meetcircle Circle With Disney Firmware | =2.0.1 | |
| Meetcircle Circle With Disney |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2017-2883?
CVE-2017-2883 has been rated as critical due to its potential to allow arbitrary code execution on affected devices.
How do I fix CVE-2017-2883?
To mitigate CVE-2017-2883, update the firmware of the Circle with Disney device to the latest version provided by the manufacturer.
What devices are affected by CVE-2017-2883?
The vulnerability CVE-2017-2883 specifically affects Circle with Disney firmware version 2.0.1.
How can CVE-2017-2883 be exploited?
CVE-2017-2883 can be exploited by sending specially crafted network packets to impersonate a remote server.
Is there a workaround for CVE-2017-2883?
Currently, the best workaround for CVE-2017-2883 is to ensure the device is not exposed to untrusted networks until the firmware is updated.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/meetcircle
- canonical/meetcircle circle with disney firmware
- version/meetcircle circle with disney firmware/2.0.1
- canonical/meetcircle circle with disney