Home

Description

A vulnerability was detected in Beetel 777VR1 up to 01.00.09/01.00.09_55. Impacted is an unknown function of the component UART Interface. The manipulation results in missing authentication. An attack on the physical device is feasible. This attack is characterized by high complexity. The exploitability is considered difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

PUBLISHED Reserved 2026-01-25 | Published 2026-01-26 | Updated 2026-02-23 | Assigner VulDB




MEDIUM: 5.4CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
MEDIUM: 6.4CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
MEDIUM: 6.4CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
6.2AV:L/AC:H/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR

Problem types

Missing Authentication

Improper Authentication

Product status

01.00.09
affected

01.00.09_55
affected

Timeline

2026-01-25:Advisory disclosed
2026-01-25:VulDB entry created
2026-01-27:VulDB entry last update

Credits

raghav_2026 (VulDB User) reporter

References

vuldb.com/?id.342799 (VDB-342799 | Beetel 777VR1 UART missing authentication) vdb-entry technical-description

vuldb.com/?ctiid.342799 (VDB-342799 | CTI Indicators (IOB, IOC)) signature permissions-required

vuldb.com/?submit.739433 (Submit #739433 | Beetel Beetel 777VR1 Broadband Router Firmware Versions: V01.00.09 / V01.00.09_55 CWE-306 — Missing Authentication for Critical Function) third-party-advisory

gist.github.com/...20232023/96a6b13ab00c493d21362e744627ea9f exploit

cve.org (CVE-2026-1410)

nvd.nist.gov (CVE-2026-1410)

Download JSON