CVE-2017-8837

CRITICAL

Peplink Balance Firmware Cleartext Password Storage in /etc/waipass and /etc/roapass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-8837. PoCs published by X41 D-Sec GmbH.

AI-analyzed exploit summary: This is a detailed security advisory from X41 D-Sec GmbH describing multiple vulnerabilities in Peplink Balance routers, including SQL injection, CSRF, XSS, file deletion, and information disclosure. It provides technical details, CVSS scores, and mitigation steps for each vulnerability.

Description

Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The files in question are /etc/waipass and /etc/roapass. In case one of these devices is compromised, the attacker can gain access to passwords and abuse them to compromise further systems.

Exploits (1)

exploitdb WRITEUP
by X41 D-Sec GmbH · text · webapps · cgi
https://www.exploit-db.com/exploits/42130

Classification: Writeup 100%
Attack Type: Sqli | Xss | Dos | Info Leak | Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Peplink Balance Routers (7.0.0-build1904)
No auth needed
Prerequisites: Network access to the Peplink device · Valid session cookie for some attacks
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/bugtraq/2017/Jun/1
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/42130/
Patch, Third Party Advisory x_refsource_misc
https://www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/

Scores

CVSS v3: 9.8
EPSS: 0.0494
EPSS Percentile: 91.0%
Attack Vector: NETWORK
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-522
Status: published
Products (6):
peplink/1350hw2_firmware 7.0.1
peplink/2500_firmware 7.0.1
peplink/380hw6_firmware 7.0.1
peplink/580hw2_firmware 7.0.1
peplink/710hw3_firmware 7.0.1
peplink/b305hw2_firmware 7.0.1
Published: Jun 05, 2017
Tracked Since: Feb 18, 2026