GHSA-hv4v-fprg-g23q
GitHub Security Advisory
⚠ Unreviewed
HIGH
Has CVE
Advisory Details
An exploitable vulnerability exists in the user photo update functionality of Circle with Disney running firmware 2.0.1. A repeated set of specially crafted API calls can cause the device to corrupt essential memory, resulting in a bricked device. An attacker needs network connectivity to the device to trigger this vulnerability.
Related CVEs
Key Information
7.5
/10
Dataset
Last updated: July 9, 2025 6:27 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.