CVE-2026-2617
Insecure Initialization in Beetel 777VR1 Telnet/SSH Service
Publication date: 2026-02-17
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| beetel | 777vr1_firmware | to 01.00.09_55 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1188 | The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-2617 is a critical vulnerability in the Beetel 777VR1 Broadband Router firmware versions up to 01.00.09. It affects the Telnet Service and SSH Service components by allowing insecure default initialization of resources, specifically enabling unauthorized activation of these services.
An attacker with local network access or physical access to the UART diagnostic shell can manipulate internal Management Information Base (MIB) parameters and Access Control List (ACL) settings without authentication. This manipulation enables the deprecated Telnet service or SSH service, which are disabled by default, exposing root-equivalent shell access.
Telnet credentials are weak (default admin:password), transmitted in plaintext, and reused across multiple interfaces, allowing attackers to intercept credentials, perform man-in-the-middle attacks, and gain persistent administrative control over the device.
How can this vulnerability impact me? :
This vulnerability can lead to full device compromise by allowing attackers to gain root-level access remotely or via local network access without authentication.
- Attackers can enable Telnet or SSH services that are disabled by default.
- Credentials can be intercepted due to plaintext transmission, enabling man-in-the-middle attacks.
- Weak default credentials facilitate unauthorized access and lateral privilege escalation across device interfaces.
- Attackers can make persistent configuration changes that survive device reboots.
- Sensitive information and administrative control over the device can be exposed, risking confidentiality, integrity, and availability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability negatively impacts compliance with common security standards and regulations such as GDPR and HIPAA because it compromises confidentiality, integrity, and availability of sensitive data and device management.
The use of deprecated Telnet service with weak default credentials and plaintext transmission violates best practices and standards like NIST, CIS, and ISO/IEC 27001, which require secure authentication, encryption, and access control.
Unauthorized access and potential data interception due to this vulnerability could lead to breaches of personal or sensitive information, resulting in non-compliance with data protection regulations.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of CVE-2026-2617 involves checking if the Telnet or SSH services are enabled on the Beetel 777VR1 device, especially since these services are disabled by default but can be activated via manipulation of the Management Information Base (MIB) and Access Control List (ACL).
Commands to detect the vulnerability include accessing the diagnostic shell via UART or network and inspecting the TELNET_STATE parameter in the MIB to see if Telnet is enabled (value 0x1). Additionally, checking the ACL table for Telnet or SSH presence in the blacklist or whitelist can indicate if these services have been improperly enabled.
- Use UART console access to view and modify the ACL table to check if Telnet or SSH is removed from the blacklist.
- Query the TELNET_STATE parameter in the MIB to verify if Telnet is enabled (should be 0x0 if disabled).
- Attempt to establish a Telnet or SSH connection to the device from the local network to see if the service is active.
- Check for default credentials (admin:password) on Telnet or SSH services if they are active.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps for CVE-2026-2617 include restricting access to the vulnerable services and interfaces, as well as disabling or removing the Telnet and SSH services if they are enabled.
Specifically, implement restrictive firewall rules to block unauthorized local network access to Telnet and SSH services.
Remove Telnet binaries and configuration hooks permanently and enforce immutable disablement of Telnet at compile time if possible.
Restrict access to diagnostic interfaces such as UART and web console by enforcing authentication and role separation.
Change default weak credentials (admin:password) on all management interfaces to strong, unique passwords.
Monitor and audit ACL and MIB configurations regularly to detect unauthorized modifications.