WIFI Repeater BE126
by T&W
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-13713 | Hig | 0.61 | 8.8 | 0.09 | Sep 7, 2017 | T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg. | ||
| CVE-2018-9232 | Hig | 0.51 | 7.8 | 0.01 | May 1, 2018 | Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update. |
- risk 0.61cvss 8.8epss 0.09
T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg.
- risk 0.51cvss 7.8epss 0.01
Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update.