Описание
An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running firmware 2.0.1. A specially crafted SSID can cause the device to execute arbitrary sed commands. An attacker needs to setup an access point reachable by the device to trigger this vulnerability.
Ссылки
- ExploitTechnical DescriptionThird Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:meetcircle:circle_with_disney_firmware:2.0.1:*:*:*:*:*:*:*
cpe:2.3:h:meetcircle:circle_with_disney:-:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00325
Низкий
7.4 High
CVSS3
6.5 Medium
CVSS3
6.1 Medium
CVSS2
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running firmware 2.0.1. A specially crafted SSID can cause the device to execute arbitrary sed commands. An attacker needs to setup an access point reachable by the device to trigger this vulnerability.
EPSS
Процентиль: 55%
0.00325
Низкий
7.4 High
CVSS3
6.5 Medium
CVSS3
6.1 Medium
CVSS2
Дефекты
CWE-77