Remote Account Takeover Vulnerability in Fisher-Price Smart Toy Bear Devices

Remote Account Takeover Vulnerability in Fisher-Price Smart Toy Bear Devices

CVE-2015-8269 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

The API on Fisher-Price Smart Toy Bear devices allows remote attackers to obtain sensitive information or modify data by leveraging presence in an 802.11 network's coverage area and entering an account number.

Learn more about our Api Penetration Testing.