CVE-2017-12083

MEDIUM

Circle with Disney <2.0.1 - Info Disclosure

Title source: llm
STIX 2.1

Description

An exploitable information disclosure vulnerability exists in the apid daemon of the Circle with Disney running firmware 2.0.1. A specially crafted set of packets can make the Disney Circle dump strings from an internal database into an HTTP response. An attacker needs network connectivity to the Internet to trigger this vulnerability.

References (1)

Core 1
Core References
Exploit, Technical Description, Third Party Advisory x_refsource_misc
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0435

Scores

CVSS v3 5.8
EPSS 0.0114
EPSS Percentile 62.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Details

CWE
CWE-200
Status published
Products (2)
Circle Media/Circle firmware 2.0.1
meetcircle/circle_with_disney_firmware 2.0.1
Published Nov 07, 2017
Tracked Since Feb 18, 2026