Security Advisory

CVE-2017-12084

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-11-07 16:00:00

Last updated 2024-09-17 02:46:32

Assigner talos

State PUBLISHED

Description

A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. A specific set of network packets can remotely start an SSH server on the device, resulting in a persistent backdoor. An attacker can send an API call to enable the SSH server.

← Browse all CVEs View on cve.org ↗