CVE-2017-2884 in Circle with Disneyinfo

Summary

An exploitable vulnerability exists in the user photo update functionality of Circle with Disney running firmware 2.0.1. A repeated set of specially crafted API calls can cause the device to corrupt essential memory, resulting in a bricked device. An attacker needs network connectivity to the device to trigger this vulnerability.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsible

Talos

Reservation

12/01/2016

Disclosure

11/07/2017

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
109202	Circle with Disney API Call Brick resource consumption	400	Not defined	Not defined	CVE-2017-2884

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!