Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Wifi Repeater Firmware Security Vulnerabilities

cve
cve

CVE-2017-13713

T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg.

8.8CVSS

8.7AI Score

0.008EPSS

2017-09-07 01:29 PM
35
cve
cve

CVE-2017-8770

There is LFD (local file disclosure) on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter.

7.5CVSS

7.3AI Score

0.044EPSS

2017-09-20 02:29 PM
32
cve
cve

CVE-2017-8771

On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root"). The attacker can make a user that is connected to the repeater click on a malicious link that will log into the telnet and will infect t...

9.8CVSS

9.2AI Score

0.002EPSS

2017-09-20 02:29 PM
23
cve
cve

CVE-2017-8772

On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root") and can: 1. Read the entire file system; 2. Write to the file system; or 3. Execute any code that attacker desires (malicious or not).

9.8CVSS

9.4AI Score

0.002EPSS

2017-09-20 02:29 PM
21