cpe:/o:meetcircle:circle_with_disney_firmware:2.0.1 CVE-2017-12084 2017-11-07T11:29:00.263-05:00 2019-10-02T20:03:26.223-04:00 6.0 NETWORK MEDIUM SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2017-11-20T08:36:40.000-05:00 MISC https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0436 A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. A specific set of network packets can remotely start an SSH server on the device, resulting in a persistent backdoor. An attacker can send an API call to enable the SSH server.