EUVD-2017-17715

Malware in sbrugna...

Gongjin Electronics BE126 WIFI repeater Arbitrary File Read Vulnerability

Gongjin Electronics BE126 WIFI repeater is a wireless internet repeater from Gongjin Electronics China. A security vulnerability exists in Gongjin Electronics BE126 WIFI repeater version 1.0. The vulnerability can be exploited to read the entire file system with a specially crafted 'getpage'...

Default credentials

On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet which is open by default with default credentials as root username:"root" password:"root" and can: 1. Read the entire file system; 2. Write to the file system; or 3. Execute any code that attacker desires malicious or not...

Arbitrary file deletion

There is LFD local file disclosure on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter...

CVE-2017-8770

There is LFD local file disclosure on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter...