CVE-2017-2864

Summary

An exploitable vulnerability exists in the generation of authentication token functionality of Circle with Disney. Specially crafted network packets can cause a valid authentication token to be returned to the attacker resulting in authentication bypass. An attacker can send a series of packets to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Circle MediaCirclefirmware 2.0.1affected

Weaknesses

  • authentication bypass

ADP Enrichment

CVE Program Container

Additional References

References