Default Telnet Credentials on BE126 WIFI Repeater 1.0 Devices Allow Remote Code Execution

Default Telnet Credentials on BE126 WIFI Repeater 1.0 Devices Allow Remote Code Execution

CVE-2017-8771 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root"). The attacker can make a user that is connected to the repeater click on a malicious link that will log into the telnet and will infect the device with malicious code.

Learn more about our User Device Pen Test.