Home

Description

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.09_55. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high. The exploitability is described as difficult. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

PUBLISHED Reserved 2026-01-25 | Published 2026-01-26 | Updated 2026-02-23 | Assigner VulDB




MEDIUM: 5.4CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
MEDIUM: 6.1CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
MEDIUM: 6.1CVSS:3.0/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
5.9AV:L/AC:H/Au:M/C:C/I:C/A:C/E:POC/RL:ND/RC:UR

Problem types

Improper Access Controls

Incorrect Privilege Assignment

Product status

01.00.09
affected

01.00.09_55
affected

Timeline

2026-01-25:Advisory disclosed
2026-01-25:VulDB entry created
2026-01-27:VulDB entry last update

Credits

raghav_2026 (VulDB User) reporter

References

vuldb.com/?id.342800 (VDB-342800 | Beetel 777VR1 UART access control) vdb-entry technical-description

vuldb.com/?ctiid.342800 (VDB-342800 | CTI Indicators (IOB, IOC, TTP)) signature permissions-required

vuldb.com/?submit.740674 (Submit #740674 | Beetel Beetel 777VR1 Broadband Router Firmware Versions: V01.00.09 / V01.00.09_55 CWE-284 — Improper Access Control) third-party-advisory

gist.github.com/...20232023/ea6adcd6d1eca35683570a1094164bd3 exploit

cve.org (CVE-2026-1411)

nvd.nist.gov (CVE-2026-1411)

Download JSON