Impact
The vulnerability allows an attacker who can reach the web management interface on the Beetel 777VR1 to use hard‑coded administrative credentials that are embedded in the firmware. Because the login credentials are trivial, an authenticated attacker can gain full control of the device and change configuration settings, potentially exposing the network or disabling services. The weakness stems from hard‑coded passwords (CWE‑259) and hard‑coded secrets (CWE‑798).
Affected Systems
Beetel 777VR1 routers with firmware versions up to 01.00.09 are impacted. No newer revisions have been confirmed to be affected.
Risk and Exploitability
The CVSS base score is 8.7, indicating high severity. EPSS is 1%, meaning exploitation is considered very unlikely but still possible. The vulnerability is not listed in the CISA KEV catalog. Attackers must have local network access to reach the vulnerable web interface; once accessed they can log in with the hard‑coded credentials and modify settings.
OpenCVE Enrichment