CVE-2026-2617 PUBLISHED

A vulnerability was found in Beetel 777VR1 up to 01.00.09. This affects an unknown function of the component Telnet Service/SSH Service. The manipulation results in insecure default initialization of resource. The attack can only be performed from the local network. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

• raghav_2026 (VulDB User) reporter

• VDB-346267 | Beetel 777VR1 Telnet Service/SSH Service insecure default initialization of resource
• VDB-346267 | CTI Indicators (IOB, IOC)
• Submit #751436 | Beetel 777VR1 Firmware Versions: V01.00.09 / V01.00.09_55 Unauthorized Telnet Service Activation - CWE-1188
• Submit #751568 | Beetel 777VR1 Firmware Versions: V01.00.09 / V01.00.09_55 Unauthorized SSH Service Activation - CWE-284 (Duplicate)
• https://gist.github.com/raghav20232023/39e3d88d1bc2bcef89bb0f3b5fbb73e0
• https://gist.github.com/raghav20232023/39e3d88d1bc2bcef89bb0f3b5fbb73e0#proofsteps-to-reproduce

• Insecure Default Initialization of Resource CWE