VYPR

WIFI Repeater BE126

by T&W

CVEs (2)

  • CVE-2017-13713HigSep 7, 2017
    risk 0.61cvss 8.8epss 0.09

    T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg.

  • CVE-2018-9232HigMay 1, 2018
    risk 0.51cvss 7.8epss 0.01

    Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update.