Meetcircle: >> Circle With Disney Security Vulnerabilities
An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1. SSL certificates for specific domain names can cause the rclient daemon to accept a different certificate than intended. An attacker can host an HTTPS server with this certificate to trigger this vulnerability.
CVSS Score
9.0
EPSS Score
0.002
Published
2017-11-07
An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1. SSL certificates for specific domain names can cause the goclient daemon to accept a different certificate than intended. An attacker can host an HTTPS server with this certificate to trigger this vulnerability.
CVSS Score
7.4
EPSS Score
0.001
Published
2017-11-07
Page 3