{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2617", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-02-17T07:00:47.891Z", "datePublished": "2026-02-17T15:32:06.089Z", "dateUpdated": "2026-02-17T15:46:49.526Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-17T15:32:06.089Z"}, "title": "Beetel 777VR1 Telnet Service/SSH Service insecure default initialization of resource", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-1188", "lang": "en", "description": "Insecure Default Initialization of Resource"}]}], "affected": [{"vendor": "Beetel", "product": "777VR1", "versions": [{"version": "01.00.09", "status": "affected"}], "modules": ["Telnet Service/SSH Service"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Beetel 777VR1 up to 01.00.09. This affects an unknown function of the component Telnet Service/SSH Service. The manipulation results in insecure default initialization of resource. The attack can only be performed from the local network. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5.8, "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}}], "timeline": [{"time": "2026-02-17T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-02-17T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-02-17T08:05:54.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "raghav_2026 (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.346267", "name": "VDB-346267 | Beetel 777VR1 Telnet Service/SSH Service insecure default initialization of resource", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.346267", "name": "VDB-346267 | CTI Indicators (IOB, IOC)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.751436", "name": "Submit #751436 | Beetel 777VR1 Firmware Versions: V01.00.09 / V01.00.09_55 Unauthorized Telnet Service Activation - CWE-1188", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.751568", "name": "Submit #751568 | Beetel 777VR1 Firmware Versions: V01.00.09 / V01.00.09_55 Unauthorized SSH Service Activation - CWE-284 (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://gist.github.com/raghav20232023/39e3d88d1bc2bcef89bb0f3b5fbb73e0", "tags": ["related"]}, {"url": "https://gist.github.com/raghav20232023/39e3d88d1bc2bcef89bb0f3b5fbb73e0#proofsteps-to-reproduce", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-17T15:45:30.572454Z", "id": "CVE-2026-2617", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-17T15:46:49.526Z"}}]}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Beetel 777VR1 up to 01.00.09. This affects an unknown function of the component Telnet Service/SSH Service. The manipulation results in insecure default initialization of resource. The attack can only be performed from the local network. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "id": "CVE-2026-2617", "lastModified": "2026-02-17T16:20:29.987", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-02-17T16:20:29.987", "references": [{"source": "cna@vuldb.com", "url": "https://gist.github.com/raghav20232023/39e3d88d1bc2bcef89bb0f3b5fbb73e0"}, {"source": "cna@vuldb.com", "url": "https://gist.github.com/raghav20232023/39e3d88d1bc2bcef89bb0f3b5fbb73e0#proofsteps-to-reproduce"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.346267"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.346267"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.751436"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.751568"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1188"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{}