Wifi Repeater Firmware

wifi_repeater_firmware

Vendor: Twsz • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-8772 1Twsz 1Wifi Repeater Firmware May 13, 2026 Sep 20, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root") and can: 1. Read the entire file system; 2. Write to the f...Show more On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root") and can: 1. Read the entire file system; 2. Write to the file system; or 3. Execute any code that attacker desires (malicious or not).Show less
CVE-2017-8771 1Twsz 1Wifi Repeater Firmware May 13, 2026 Sep 20, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root"). The attacker can make a user that is connected to the rep...Show more On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root"). The attacker can make a user that is connected to the repeater click on a malicious link that will log into the telnet and will infect the device with malicious code.Show less
CVE-2017-8770 1Twsz 1Wifi Repeater Firmware May 13, 2026 Sep 20, 2017 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 There is LFD (local file disclosure) on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter.
CVE-2017-13713 1Twsz 1Wifi Repeater Firmware May 13, 2026 Sep 7, 2017 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg.