Описание
An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney running firmware 2.0.1. A series of WiFi packets can force Circle to setup an Access Point with default credentials. An attacker needs to send a series of spoofed "de-auth" packets to trigger this vulnerability.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:meetcircle:circle_with_disney_firmware:2.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00105
Низкий
6.5 Medium
CVSS3
6.5 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-290
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney running firmware 2.0.1. A series of WiFi packets can force Circle to setup an Access Point with default credentials. An attacker needs to send a series of spoofed "de-auth" packets to trigger this vulnerability.
EPSS
Процентиль: 29%
0.00105
Низкий
6.5 Medium
CVSS3
6.5 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-290