CVE-2017-12084

A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. A specific set of network packets can remotely start an SSH server on the device, resulting in a persistent backdoor. An attacker can send an API call to enable the SSH server.

CVSS v3 8.0 HIGH
CVSS v2.0 6.0 MEDIUM

8.0^/10

CVSS v3 : HIGH

Vector : AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Exploitability : 1.3 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

6.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:S/C:P/I:P/A:P

Exploitability : 6.8 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0436	Exploit Technical Description Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0436	Exploit Technical Description Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:meetcircle:circle_with_disney_firmware:2.0.1:*:*:*:*:*:*:*

cpe:2.3:h:meetcircle:circle_with_disney:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-11-07 16:29

Updated : 2025-04-20 01:37

NVD link : CVE-2017-12084

Mitre link : CVE-2017-12084

CVE.ORG link : CVE-2017-12084

JSON object : View

Products Affected

meetcircle

circle_with_disney
circle_with_disney_firmware

CWE

CWE-862

Missing Authorization

{"id": "CVE-2017-12084", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 8.0, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.3}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.6, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.7}]}, "published": "2017-11-07T16:29:00.263", "references": [{"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0436", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0436", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. A specific set of network packets can remotely start an SSH server on the device, resulting in a persistent backdoor. An attacker can send an API call to enable the SSH server."}, {"lang": "es", "value": "Existe una vulnerabilidad de puerta trasera en la funcionalidad de control remoto de Circle with Disney con firmware 2.0.1. Un conjunto espec\u00edfico de paquetes de red puede iniciar remotamente un servidor SSH en el dispositivo, lo que resulta en una puerta trasera persistente. Un atacante puede enviar una llamada API para habilitar el servidor SSH."}], "lastModified": "2025-04-20T01:37:25.860", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:meetcircle:circle_with_disney_firmware:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "287E642C-D156-4E0E-B8F7-2EFEEDC77E99"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:meetcircle:circle_with_disney:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9661BDE9-416C-40BF-B65C-E9979F511FF6"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "talos-cna@cisco.com"}