Find a vulnerability
Search criteria
5 vulnerabilities by twsz
VAR-201709-1050
Vulnerability from variot - Updated: 2025-04-20 23:29T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg. T&W WIFI Repeater BE126 Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. GongjinElectronicsT&WWIFIRepeaterBE126 is a wireless Internet repeater from China's Gongjin Electronics. There is a security hole in GongjinElectronicsT&WWIFIRepeaterBE126
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-1050",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wifi repeater",
"scope": "eq",
"trust": 1.6,
"vendor": "twsz",
"version": null
},
{
"model": "wifi repeater",
"scope": null,
"trust": 0.8,
"vendor": "gongjin",
"version": null
},
{
"model": "electronics t\u0026w wifi repeater be126",
"scope": null,
"trust": 0.6,
"vendor": "gongjin",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09374"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007839"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1166"
},
{
"db": "NVD",
"id": "CVE-2017-13713"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:twsz:wifi_repeater_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007839"
}
]
},
"cve": "CVE-2017-13713",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2017-13713",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2018-09374",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-104363",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-13713",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-13713",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-13713",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-09374",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1166",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-104363",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09374"
},
{
"db": "VULHUB",
"id": "VHN-104363"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007839"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1166"
},
{
"db": "NVD",
"id": "CVE-2017-13713"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "T\u0026W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg. T\u0026W WIFI Repeater BE126 Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. GongjinElectronicsT\u0026WWIFIRepeaterBE126 is a wireless Internet repeater from China\u0027s Gongjin Electronics. There is a security hole in GongjinElectronicsT\u0026WWIFIRepeaterBE126",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13713"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007839"
},
{
"db": "CNVD",
"id": "CNVD-2018-09374"
},
{
"db": "VULHUB",
"id": "VHN-104363"
}
],
"trust": 2.25
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-104363",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104363"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-13713",
"trust": 3.1
},
{
"db": "PACKETSTORM",
"id": "143978",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "42608",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007839",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1166",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-09374",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-104363",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09374"
},
{
"db": "VULHUB",
"id": "VHN-104363"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007839"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1166"
},
{
"db": "NVD",
"id": "CVE-2017-13713"
}
]
},
"id": "VAR-201709-1050",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09374"
},
{
"db": "VULHUB",
"id": "VHN-104363"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09374"
}
]
},
"last_update_date": "2025-04-20T23:29:33.945000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.twsz.com/en/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007839"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.1
},
{
"problemtype": "CWE-77",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104363"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007839"
},
{
"db": "NVD",
"id": "CVE-2017-13713"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://packetstormsecurity.com/files/143978/wireless-repeater-be126-remote-code-execution.html"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/42608/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13713"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13713"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2017-13713/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09374"
},
{
"db": "VULHUB",
"id": "VHN-104363"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007839"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1166"
},
{
"db": "NVD",
"id": "CVE-2017-13713"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-09374"
},
{
"db": "VULHUB",
"id": "VHN-104363"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007839"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1166"
},
{
"db": "NVD",
"id": "CVE-2017-13713"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-09374"
},
{
"date": "2017-09-07T00:00:00",
"db": "VULHUB",
"id": "VHN-104363"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007839"
},
{
"date": "2017-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1166"
},
{
"date": "2017-09-07T13:29:00.590000",
"db": "NVD",
"id": "CVE-2017-13713"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-09374"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-104363"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007839"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1166"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-13713"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1166"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "T\u0026W WIFI Repeater BE126 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007839"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1166"
}
],
"trust": 0.6
}
}
VAR-201709-1195
Vulnerability from variot - Updated: 2025-04-20 23:27On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root"). The attacker can make a user that is connected to the repeater click on a malicious link that will log into the telnet and will infect the device with malicious code. BE126 WIFI Repeater The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. GongjinElectronicsBE126WIFIrepeater is a wireless Internet repeater from China's Gongjin Electronics. There is a security hole in the GongjinElectronicsBE126WIFIrepeater 1.0 version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-1195",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wifi repeater",
"scope": "eq",
"trust": 1.6,
"vendor": "twsz",
"version": null
},
{
"model": "wifi repeater",
"scope": "eq",
"trust": 0.8,
"vendor": "gongjin",
"version": "1.0"
},
{
"model": "electronics be126 wifi repeater",
"scope": "eq",
"trust": 0.6,
"vendor": "gongjin",
"version": "1.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35047"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008293"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-244"
},
{
"db": "NVD",
"id": "CVE-2017-8771"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:twsz:wifi_repeater_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008293"
}
]
},
"cve": "CVE-2017-8771",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-8771",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-35047",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-116974",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-8771",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-8771",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-8771",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-35047",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-244",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-116974",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-8771",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35047"
},
{
"db": "VULHUB",
"id": "VHN-116974"
},
{
"db": "VULMON",
"id": "CVE-2017-8771"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008293"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-244"
},
{
"db": "NVD",
"id": "CVE-2017-8771"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:\"root\" password:\"root\"). The attacker can make a user that is connected to the repeater click on a malicious link that will log into the telnet and will infect the device with malicious code. BE126 WIFI Repeater The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. GongjinElectronicsBE126WIFIrepeater is a wireless Internet repeater from China\u0027s Gongjin Electronics. There is a security hole in the GongjinElectronicsBE126WIFIrepeater 1.0 version",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8771"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008293"
},
{
"db": "CNVD",
"id": "CNVD-2017-35047"
},
{
"db": "VULHUB",
"id": "VHN-116974"
},
{
"db": "VULMON",
"id": "CVE-2017-8771"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8771",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008293",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-244",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-35047",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-116974",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-8771",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35047"
},
{
"db": "VULHUB",
"id": "VHN-116974"
},
{
"db": "VULMON",
"id": "CVE-2017-8771"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008293"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-244"
},
{
"db": "NVD",
"id": "CVE-2017-8771"
}
]
},
"id": "VAR-201709-1195",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35047"
},
{
"db": "VULHUB",
"id": "VHN-116974"
}
],
"trust": 1.575
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35047"
}
]
},
"last_update_date": "2025-04-20T23:27:16.268000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.twsz.com/en/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008293"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116974"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008293"
},
{
"db": "NVD",
"id": "CVE-2017-8771"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.digitalwhisper.co.il/files/zines/0x56/dw86-1-repeaterhack.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8771"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8771"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35047"
},
{
"db": "VULHUB",
"id": "VHN-116974"
},
{
"db": "VULMON",
"id": "CVE-2017-8771"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008293"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-244"
},
{
"db": "NVD",
"id": "CVE-2017-8771"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-35047"
},
{
"db": "VULHUB",
"id": "VHN-116974"
},
{
"db": "VULMON",
"id": "CVE-2017-8771"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008293"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-244"
},
{
"db": "NVD",
"id": "CVE-2017-8771"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-35047"
},
{
"date": "2017-09-20T00:00:00",
"db": "VULHUB",
"id": "VHN-116974"
},
{
"date": "2017-09-20T00:00:00",
"db": "VULMON",
"id": "CVE-2017-8771"
},
{
"date": "2017-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008293"
},
{
"date": "2017-05-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-244"
},
{
"date": "2017-09-20T14:29:00.203000",
"db": "NVD",
"id": "CVE-2017-8771"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-35047"
},
{
"date": "2017-09-28T00:00:00",
"db": "VULHUB",
"id": "VHN-116974"
},
{
"date": "2017-09-28T00:00:00",
"db": "VULMON",
"id": "CVE-2017-8771"
},
{
"date": "2017-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008293"
},
{
"date": "2017-09-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-244"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-8771"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-244"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BE126 WIFI Repeater Vulnerabilities related to the use of hard-coded credentials on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008293"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-244"
}
],
"trust": 0.6
}
}
VAR-201709-1194
Vulnerability from variot - Updated: 2025-04-20 23:25There is LFD (local file disclosure) on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter. GongjinElectronicsBE126WIFIrepeater is a wireless Internet repeater from China's Gongjin Electronics. There is a security hole in the GongjinElectronicsBE126WIFIrepeater 1.0 version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-1194",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wifi repeater",
"scope": "eq",
"trust": 1.6,
"vendor": "twsz",
"version": null
},
{
"model": "wifi repeater",
"scope": "eq",
"trust": 0.8,
"vendor": "gongjin",
"version": "1.0"
},
{
"model": "electronics be126 wifi repeater",
"scope": "eq",
"trust": 0.6,
"vendor": "gongjin",
"version": "1.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35046"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008292"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-245"
},
{
"db": "NVD",
"id": "CVE-2017-8770"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:twsz:wifi_repeater_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008292"
}
]
},
"cve": "CVE-2017-8770",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-8770",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-35046",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-116973",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-8770",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-8770",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-8770",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-35046",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-245",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-116973",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35046"
},
{
"db": "VULHUB",
"id": "VHN-116973"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008292"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-245"
},
{
"db": "NVD",
"id": "CVE-2017-8770"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is LFD (local file disclosure) on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter. GongjinElectronicsBE126WIFIrepeater is a wireless Internet repeater from China\u0027s Gongjin Electronics. There is a security hole in the GongjinElectronicsBE126WIFIrepeater 1.0 version",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8770"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008292"
},
{
"db": "CNVD",
"id": "CNVD-2017-35046"
},
{
"db": "VULHUB",
"id": "VHN-116973"
}
],
"trust": 2.25
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-116973",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116973"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8770",
"trust": 3.1
},
{
"db": "EXPLOIT-DB",
"id": "42547",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008292",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-245",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-35046",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-116973",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35046"
},
{
"db": "VULHUB",
"id": "VHN-116973"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008292"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-245"
},
{
"db": "NVD",
"id": "CVE-2017-8770"
}
]
},
"id": "VAR-201709-1194",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35046"
},
{
"db": "VULHUB",
"id": "VHN-116973"
}
],
"trust": 1.575
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35046"
}
]
},
"last_update_date": "2025-04-20T23:25:56.945000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.twsz.com/en/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008292"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116973"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008292"
},
{
"db": "NVD",
"id": "CVE-2017-8770"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.exploit-db.com/exploits/42547/"
},
{
"trust": 1.7,
"url": "http://www.digitalwhisper.co.il/files/zines/0x56/dw86-1-repeaterhack.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8770"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8770"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35046"
},
{
"db": "VULHUB",
"id": "VHN-116973"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008292"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-245"
},
{
"db": "NVD",
"id": "CVE-2017-8770"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-35046"
},
{
"db": "VULHUB",
"id": "VHN-116973"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008292"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-245"
},
{
"db": "NVD",
"id": "CVE-2017-8770"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-35046"
},
{
"date": "2017-09-20T00:00:00",
"db": "VULHUB",
"id": "VHN-116973"
},
{
"date": "2017-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008292"
},
{
"date": "2017-05-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-245"
},
{
"date": "2017-09-20T14:29:00.157000",
"db": "NVD",
"id": "CVE-2017-8770"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-35046"
},
{
"date": "2017-09-28T00:00:00",
"db": "VULHUB",
"id": "VHN-116973"
},
{
"date": "2017-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008292"
},
{
"date": "2017-09-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-245"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-8770"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-245"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BE126 WIFI Repeater Information disclosure vulnerability in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008292"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-245"
}
],
"trust": 0.6
}
}
VAR-201709-1196
Vulnerability from variot - Updated: 2025-04-20 23:24On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root") and can: 1. Read the entire file system; 2. Write to the file system; or 3. Execute any code that attacker desires (malicious or not). BE126 WIFI Repeater The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. GongjinElectronicsBE126WIFIrepeater is a wireless Internet repeater from China's Gongjin Electronics. There is a security hole in the GongjinElectronicsBE126WIFIrepeater 1.0 version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-1196",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wifi repeater",
"scope": "eq",
"trust": 1.6,
"vendor": "twsz",
"version": null
},
{
"model": "wifi repeater",
"scope": "eq",
"trust": 0.8,
"vendor": "gongjin",
"version": "1.0"
},
{
"model": "electronics be126 wifi repeater",
"scope": "eq",
"trust": 0.6,
"vendor": "gongjin",
"version": "1.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35048"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008294"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-243"
},
{
"db": "NVD",
"id": "CVE-2017-8772"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:twsz:wifi_repeater_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008294"
}
]
},
"cve": "CVE-2017-8772",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-8772",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-35048",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-116975",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-8772",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-8772",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-8772",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-35048",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-243",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-116975",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-8772",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35048"
},
{
"db": "VULHUB",
"id": "VHN-116975"
},
{
"db": "VULMON",
"id": "CVE-2017-8772"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008294"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-243"
},
{
"db": "NVD",
"id": "CVE-2017-8772"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:\"root\" password:\"root\") and can: 1. Read the entire file system; 2. Write to the file system; or 3. Execute any code that attacker desires (malicious or not). BE126 WIFI Repeater The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. GongjinElectronicsBE126WIFIrepeater is a wireless Internet repeater from China\u0027s Gongjin Electronics. There is a security hole in the GongjinElectronicsBE126WIFIrepeater 1.0 version",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8772"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008294"
},
{
"db": "CNVD",
"id": "CNVD-2017-35048"
},
{
"db": "VULHUB",
"id": "VHN-116975"
},
{
"db": "VULMON",
"id": "CVE-2017-8772"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8772",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008294",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-243",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-35048",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-116975",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-8772",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35048"
},
{
"db": "VULHUB",
"id": "VHN-116975"
},
{
"db": "VULMON",
"id": "CVE-2017-8772"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008294"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-243"
},
{
"db": "NVD",
"id": "CVE-2017-8772"
}
]
},
"id": "VAR-201709-1196",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35048"
},
{
"db": "VULHUB",
"id": "VHN-116975"
}
],
"trust": 1.575
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35048"
}
]
},
"last_update_date": "2025-04-20T23:24:53.166000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.twsz.com/en/"
},
{
"title": "GongjinElectronicsBE126WIFIrepeater has multiple vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/106769"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35048"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008294"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116975"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008294"
},
{
"db": "NVD",
"id": "CVE-2017-8772"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.digitalwhisper.co.il/files/zines/0x56/dw86-1-repeaterhack.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8772"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8772"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-35048"
},
{
"db": "VULHUB",
"id": "VHN-116975"
},
{
"db": "VULMON",
"id": "CVE-2017-8772"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008294"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-243"
},
{
"db": "NVD",
"id": "CVE-2017-8772"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-35048"
},
{
"db": "VULHUB",
"id": "VHN-116975"
},
{
"db": "VULMON",
"id": "CVE-2017-8772"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008294"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-243"
},
{
"db": "NVD",
"id": "CVE-2017-8772"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-35048"
},
{
"date": "2017-09-20T00:00:00",
"db": "VULHUB",
"id": "VHN-116975"
},
{
"date": "2017-09-20T00:00:00",
"db": "VULMON",
"id": "CVE-2017-8772"
},
{
"date": "2017-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008294"
},
{
"date": "2017-05-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-243"
},
{
"date": "2017-09-20T14:29:00.233000",
"db": "NVD",
"id": "CVE-2017-8772"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-35048"
},
{
"date": "2017-09-28T00:00:00",
"db": "VULHUB",
"id": "VHN-116975"
},
{
"date": "2017-09-28T00:00:00",
"db": "VULMON",
"id": "CVE-2017-8772"
},
{
"date": "2017-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008294"
},
{
"date": "2017-09-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-243"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-8772"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-243"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BE126 WIFI Repeater Vulnerabilities related to the use of hard-coded credentials on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008294"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-243"
}
],
"trust": 0.6
}
}
VAR-201805-1019
Vulnerability from variot - Updated: 2024-11-23 22:12Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update. T&W WIFI Repeater BE126 The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. GongjinElectronicsT&WWIFIRepeaterBE126 is a wireless Internet repeater from China's Gongjin Electronics. A security vulnerability exists in GongjinElectronicsT&WWIFIRepeaterBE126 that was caused by the upgrade process failing to authenticate the firmware. An attacker could exploit the vulnerability as a newer firmware with maliciously crafted firmware
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-1019",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "be126",
"scope": "eq",
"trust": 1.6,
"vendor": "twsz",
"version": null
},
{
"model": "be126",
"scope": null,
"trust": 0.8,
"vendor": "gongjin",
"version": null
},
{
"model": "electronics t\u0026w wifi repeater be126",
"scope": null,
"trust": 0.6,
"vendor": "gongjin",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-013"
},
{
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:twsz:be126_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
}
]
},
"cve": "CVE-2018-9232",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-9232",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-10144",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-139264",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-9232",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-9232",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-9232",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2018-10144",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-013",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-139264",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"db": "VULHUB",
"id": "VHN-139264"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-013"
},
{
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Due to the lack of firmware authentication in the upgrade process of T\u0026W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update. T\u0026W WIFI Repeater BE126 The device contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. GongjinElectronicsT\u0026WWIFIRepeaterBE126 is a wireless Internet repeater from China\u0027s Gongjin Electronics. A security vulnerability exists in GongjinElectronicsT\u0026WWIFIRepeaterBE126 that was caused by the upgrade process failing to authenticate the firmware. An attacker could exploit the vulnerability as a newer firmware with maliciously crafted firmware",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-9232"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"db": "VULHUB",
"id": "VHN-139264"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-9232",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-013",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-10144",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-139264",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"db": "VULHUB",
"id": "VHN-139264"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-013"
},
{
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"id": "VAR-201805-1019",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"db": "VULHUB",
"id": "VHN-139264"
}
],
"trust": 1.6375
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10144"
}
]
},
"last_update_date": "2024-11-23T22:12:31.657000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.twsz.com/en/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-139264"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.digitalwhisper.co.il/files/zines/0x5e/dw94-3-repeater2.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-9232"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-9232"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"db": "VULHUB",
"id": "VHN-139264"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-013"
},
{
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"db": "VULHUB",
"id": "VHN-139264"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-013"
},
{
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"date": "2018-05-01T00:00:00",
"db": "VULHUB",
"id": "VHN-139264"
},
{
"date": "2018-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"date": "2018-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-013"
},
{
"date": "2018-05-01T18:29:00.633000",
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-10144"
},
{
"date": "2018-06-13T00:00:00",
"db": "VULHUB",
"id": "VHN-139264"
},
{
"date": "2018-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004944"
},
{
"date": "2018-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-013"
},
{
"date": "2024-11-21T04:15:10.360000",
"db": "NVD",
"id": "CVE-2018-9232"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-013"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "T\u0026W WIFI Repeater BE126 Authentication vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004944"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-013"
}
],
"trust": 0.6
}
}