CVE-2015-8269

The API on Fisher-Price Smart Toy Bear devices allows remote attackers to obtain sensitive information or modify data by leveraging presence in an 802.11 network's coverage area and entering an account number.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
HIGH
LOW
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
fisher-pricesmart_toy_bear
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://community.rapid7.com/community/infosec/blog/2016/02/02/security-vulnerabilities-within-fisher-price-smart-toy-hereo-gps-platform
https://www.kb.cert.org/vuls/id/719736
https://www.kb.cert.org/vuls/id/GWAN-A6LPPW
https://community.rapid7.com/community/infosec/blog/2016/02/02/security-vulnerabilities-within-fisher-price-smart-toy-hereo-gps-platform
https://www.kb.cert.org/vuls/id/719736
https://www.kb.cert.org/vuls/id/GWAN-A6LPPW