Lucene search
+L
BectechnologiesRouter Firmware

4 matches found

CVE
CVE
added 2025/04/23 4:52 p.m.69 views

CVE-2025-2773

CVE-2025-2773 refers to a command injection/remote code execution flaw in BEC Technologies' Multiple Routers. The vulnerability resides in the management interface (listening on TCP port 22 by default), where insufficient validation of a user-supplied string before a system call allows an attacke...

7.2CVSS8.3AI score0.01911EPSS
CVE
CVE
added 2025/04/23 4:52 p.m.66 views

CVE-2025-2771

CVE-2025-2771 concerns BEC Technologies routers with an authentication bypass in the web-based UI, allowing remote attackers to access functionality without credentials. The vulnerability stems from lack of authentication prior to accessing UI functions. Connected sources (ZDI advisory ZDI-25-184...

5.3CVSS6.9AI score0.00823EPSS
CVE
CVE
added 2025/04/23 4:52 p.m.63 views

CVE-2025-2772

BEC Technologies routers are affected by CVE-2025-2772, where the flaw in /cgi-bin/tools_usermanage.asp leads to client-side handling of a list of users and credentials. This enables network-adjacent attackers to disclose transported credentials without authentication. The vulnerability impacts a...

6.5CVSS6AI score0.00417EPSS
CVE
CVE
added 2025/04/23 4:51 p.m.57 views

CVE-2025-2770

CVE-2025-2770 is linked to BEC Technologies Multiple Routers. The vulnerability arises from storing credentials in a recoverable (cleartext) format in the web-based user interface, allowing a remote attacker to disclose stored passwords after authentication. Exploitation details, affected models/...

6.5CVSS4.8AI score0.0045EPSS