Hay Mizrachi

2 exploits Active since Sep 2017
CVE-2017-8770 EXPLOITDB HIGH python WORKING POC
BE126 WIFI Repeater 1.0 - Local File Disclosure via getpage Parameter
There is LFD (local file disclosure) on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter.
CVSS 7.5
CVE-2017-13713 EXPLOITDB HIGH text WORKING POC
T&W WIFI Repeater BE126 - Authenticated Remote Code Execution via User Parameter
T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg.
CVSS 8.8