Vulnerabilities > Twsz > Wifi Repeater Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-20 | CVE-2017-8772 | Use of Hard-coded Credentials vulnerability in Twsz Wifi Repeater Firmware On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root") and can: 1. | 9.8 |
| 2017-09-20 | CVE-2017-8771 | Use of Hard-coded Credentials vulnerability in Twsz Wifi Repeater Firmware On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root"). | 9.8 |
| 2017-09-20 | CVE-2017-8770 | Information Exposure vulnerability in Twsz Wifi Repeater Firmware There is LFD (local file disclosure) on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter. | 7.5 |
| 2017-09-07 | CVE-2017-13713 | OS Command Injection vulnerability in Twsz Wifi Repeater Firmware T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg. | 8.8 |