Default Telnet Credentials on BE126 WIFI Repeater 1.0 Devices Allow Unauthorized Access and Full Control

Default Telnet Credentials on BE126 WIFI Repeater 1.0 Devices Allow Unauthorized Access and Full Control

CVE-2017-8772 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root") and can: 1. Read the entire file system; 2. Write to the file system; or 3. Execute any code that attacker desires (malicious or not).

Learn more about our User Device Pen Test.