CVE-2026-2616
Published: 17 February 2026
Description
A vulnerability has been found in Beetel 777VR1 up to 01.00.09. The impacted element is an unknown function of the component Web Management Interface. The manipulation leads to hard-coded credentials. The attack needs to be initiated within the local network.…
more
The exploit has been disclosed to the public and may be used. It is advisable to modify the configuration settings. The vendor was contacted early about this disclosure but did not respond in any way.
Mitigating Controls (NIST 800-53 r5)AI
Directly requires management of authenticators including changing default or hard-coded credentials and protecting them from unauthorized disclosure, preventing exploitation of embedded credentials in the web management interface.
Ensures configuration settings for the router's web management interface are securely established and enforced to override or mitigate hard-coded credentials as recommended in advisories.
Mandates timely identification and remediation of flaws like hard-coded credentials through patches, configuration changes, or other mitigations despite lack of vendor response.
Security SummaryAI
CVE-2026-2616 is a vulnerability involving hard-coded credentials in an unknown function of the Web Management Interface component in Beetel 777VR1 routers, affecting versions up to 01.00.09. Classified under CWE-259 (Use of Hard-coded Password) and CWE-798 (Use of Hard-coded Credentials), it carries a CVSS v3.1 base score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The issue was publicly disclosed on 2026-02-17.
Attackers on the adjacent local network (AV:A) can exploit this vulnerability with low complexity and no required privileges or user interaction. Successful exploitation grants high-impact access to confidentiality, integrity, and availability, potentially allowing full compromise of the device, such as executing arbitrary commands or altering configurations via the exposed credentials in the web interface.
Advisories, including those from VulDB and a public GitHub Gist detailing reproduction steps, recommend modifying configuration settings to mitigate the risk, as no patches are available. The vendor was contacted early but provided no response. The exploit code has been publicly disclosed and may be actively used.
Notable context includes the public availability of the exploit, increasing the likelihood of real-world attacks against unpatched Beetel 777VR1 devices on local networks. No evidence of widespread exploitation or AI/ML relevance is reported.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Hard-coded credentials enable use of default accounts (T1078.001) for unauthenticated access to the web management interface, classified as exploitation of a public-facing application (T1190).