HOMEVULNERABILITIESCVE-2026-2702
LOW

CVE-2026-2702

CWE-259Published: February 19, 2026· Updated: Feb 19, 2026

3.1
CVSS v3.1
EPSS:0.01%probability of exploitation in 30 daysPercentile:2.1th

Official Description

A security flaw has been discovered in Beetel 777VR1 up to 01.00.09. This issue affects some unknown processing of the component WPA2 PSK. Performing a manipulation results in hard-coded credentials. The attacker must have access to the local network to execute the attack. The complexity of an attack is rather high. The exploitability is assessed as difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

NVD Source

Technical Analysis

CVE-2026-2702 requires adjacent network access, limiting remote exploitation but still posing risk in shared or local network environments.

The vulnerability requires no privileges and no user interaction, making it a prime target for automated exploitation campaigns and worm-like propagation.

CVSS v3.1 Vector Breakdown

Exploitability
Attack VectorAdjacent
Attack ComplexityHigh
Privileges Req.None
User InteractionNone
ScopeUnchanged
Impact
ConfidentialityLow
IntegrityNone
AvailabilityNone
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

News & Research Mentioning CVE-2026-2702

Mobility46 mobility46.se
CISA Alerts· Feb 26, 2026

View CSAF Summary Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. The following versions of Mobility46 mobility46.se are affected: mobility46.se vers:all/* (CVE-2026-27028, CVE-2026-26305, CVE-2026-27647, CVE-2026-22878) CVSS Vendor Equipment Vulnerabilities v3 9.4 Mobility46 Mobility46 mobility46.se Missing Authentication for Critical Function, Improper Restriction of Excessive Authentication Attempts, Insufficient Session Expiration, Insufficiently Protected Credentials Background Critical Infrastructure Sectors: Energy, Transportation Systems Countries/Areas Deployed: Worldwide Compan [xlite_meta score:63 src:CISA Alerts xlite_fp:aa4b7052079b2b568d4721fb28e1ff074a4562169b39a58342380d79b8a969f1]

All References (5)

Quick Facts

CVE IDCVE-2026-2702
CVSS Score3.1 / 10
SeverityLOW
WeaknessCWE-259
CISA KEVNo
EPSS (30d)0.01%
PublishedFeb 19, 2026

Related CVEs (CWE-259)

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-2702 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.