9
CVE-2017-2882
- EPSS 1.2%
- Veröffentlicht 07.11.2017 16:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle talos-cna@cisco.com
- CVE-Watchlists
- Unerledigt
LoginAn exploitable vulnerability exists in the servers update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the device to overwrite sensitive files, resulting in code execution. An attacker needs to impersonate a remote server in order to trigger this vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Meetcircle ≫ Circle With Disney Firmware Version2.0.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.2% | 0.78 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.1 | 2.2 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
| talos-cna@cisco.com | 9 | 2.2 | 6 |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
|