CVE-2017-13713

Description

T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• http://packetstormsecurity.com/files/143978/Wireless-Repeater-BE126-Remote-Code-Execution.html
• https://www.exploit-db.com/exploits/42608/
• http://packetstormsecurity.com/files/143978/Wireless-Repeater-BE126-Remote-Code-Execution.html
• https://www.exploit-db.com/exploits/42608/

CWEs

CWE-78

💬 Discuss CVE-2017-13713 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.