EUVD-2017-17715

Malware in sbrugna...

Twsz Wifi Repeater BE126 Information Disclosure (CVE-2017-8770)

An information disclosure vulnerability exists in Twsz Wifi Repeater BE126. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

T&W WIFI Repeater BE126 Arbitrary Code Execution Vulnerability

Gongjin Electronics T&W WIFI Repeater BE126 is a wireless internet repeater from Gongjin Electronics China. A security vulnerability exists in the Gongjin Electronics T&W WIFI Repeater BE126. The vulnerability can be exploited by a remote attacker to execute arbitrary code by sending the 'user'...

Gongjin Electronics T&W WIFI Repeater BE126 Security Bypass Vulnerability

Gongjin Electronics T&W WIFI Repeater BE126 is a wireless internet repeater from Gongjin Electronics China. A security vulnerability exists in the Gongjin Electronics T&W WIFI Repeater BE126 due to a failure to authenticate the firmware during the upgrade process. The vulnerability can be exploit...

Authentication flaw

Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update...

CVE-2018-9232

Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update...

CVE-2018-9232

Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update...

CVE-2018-9232

CVE-2018-9232 affects Gongjin Electronics’ T&W WIFI Repeater BE126. The connected CNVD entry confirms a vulnerability caused by failure to authenticate firmware during the upgrade process, enabling an attacker to craft malicious firmware and install it as an update. No explicit fixes are listed i...

Gongjin Electronics BE126 WIFI repeater Arbitrary File Read Vulnerability

Gongjin Electronics BE126 WIFI repeater is a wireless internet repeater from Gongjin Electronics China. A security vulnerability exists in Gongjin Electronics BE126 WIFI repeater version 1.0. The vulnerability can be exploited to read the entire file system with a specially crafted 'getpage'...

Gongjin Electronics BE126 WIFI repeater default credentials vulnerability

Gongjin Electronics BE126 WIFI repeater is a wireless internet repeater from Gongjin Electronics China. A security vulnerability exists in Gongjin Electronics BE126 WIFI repeater version 1.0. The vulnerability can be exploited to log in to telnet as root with default credentials...

Multiple vulnerabilities in Gongjin Electronics BE126 WIFI repeater

Gongjin Electronics BE126 WIFI repeater is a wireless internet repeater from Gongjin Electronics China. A security vulnerability exists in Gongjin Electronics BE126 WIFI repeater version 1.0. The vulnerability can be exploited to log in to telnet as root with default credentials and read the enti...

CVE-2017-8772

On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet which is open by default with default credentials as root username:"root" password:"root" and can: 1. Read the entire file system; 2. Write to the file system; or 3. Execute any code that attacker desires malicious or not...

Default credentials

On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet which is open by default with default credentials as root username:"root" password:"root". The attacker can make a user that is connected to the repeater click on a malicious link that will log into the telnet and will infect the...

CVE-2017-8770

There is LFD local file disclosure on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter...

CVE-2017-8771

On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet which is open by default with default credentials as root username:"root" password:"root". The attacker can make a user that is connected to the repeater click on a malicious link that will log into the telnet and will infect the...

Default credentials

On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet which is open by default with default credentials as root username:"root" password:"root" and can: 1. Read the entire file system; 2. Write to the file system; or 3. Execute any code that attacker desires malicious or not...

Arbitrary file deletion

There is LFD local file disclosure on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter...

CVE-2017-8771

On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet which is open by default with default credentials as root username:"root" password:"root". The attacker can make a user that is connected to the repeater click on a malicious link that will log into the telnet and will infect the...

CVE-2017-8770

CVE-2017-8770 affects the BE126 WIFI repeater (1.0). A crafted getpage parameter allows local file disclosure, enabling an attacker to read the device’s entire filesystem. Public details in connected records confirm a Local File Disclosure vulnerability with proofs of concept (e.g., LFI via getpa...

CVE-2017-8771

The CVE-2017-8771 entry concerns Gongjin Electronics BE126 WIFI Repeater (v1.0). A default-credential Telnet service allows an attacker to log in as root (user: root, pass: root) and then trigger further compromise by convincing a connected user to click a malicious link, which leads to Telnet ac...