CVE-2026-2617

MEDIUM

Beetel 777VR1 <=01.00.09 - Insecure Default

Title source: llm

Description

A vulnerability was found in Beetel 777VR1 up to 01.00.09. This affects an unknown function of the component Telnet Service/SSH Service. The manipulation results in insecure default initialization of resource. The attack can only be performed from the local network. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

References (6)

[Permissions Required, VDB Entry] https://vuldb.com/?id.346267

[Permissions Required, VDB Entry] https://vuldb.com/?ctiid.346267

[Permissions Required, VDB Entry] https://vuldb.com/?submit.751436

[Permissions Required, VDB Entry] https://vuldb.com/?submit.751568

[Various Sources] https://gist.github.com/raghav20232023/39e3d88d1bc2bcef89bb0f3b5fbb73e0

[Various Sources] https://gist.github.com/raghav20232023/39e3d88d1bc2bcef89bb0f3b5fbb73e0#proofsteps-to-reproduce

Scores

CVSS v3 6.3

EPSS 0.0006

EPSS Percentile 18.9%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-1188

Status published

Products (1)

beetel/777vr1_firmware < 01.00.09_55

Published Feb 17, 2026

Tracked Since Feb 18, 2026