Vulnerability Details CVE-2015-8269
The API on Fisher-Price Smart Toy Bear devices allows remote attackers to obtain sensitive information or modify data by leveraging presence in an 802.11 network's coverage area and entering an account number.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 6.5
References
- https://community.rapid7.com/community/infosec/blog/2016/02/02/security-vulnerabilities-within-fisher-price-smart-toy-hereo-gps-platform
- https://www.kb.cert.org/vuls/id/719736
- https://www.kb.cert.org/vuls/id/GWAN-A6LPPW
- https://community.rapid7.com/community/infosec/blog/2016/02/02/security-vulnerabilities-within-fisher-price-smart-toy-hereo-gps-platform
- https://www.kb.cert.org/vuls/id/719736
- https://www.kb.cert.org/vuls/id/GWAN-A6LPPW
Products affected by CVE-2015-8269
-
cpe:2.3:h:fisher-price:smart_toy_bear:-