KAYSUS KS-WR1200 Hardcoded Credential Vulnerability in SSH and TELNET Services

Vulnerability

A vulnerability exists in KAYSUS KS-WR1200 routers running firmware 107, where SSH and TELNET services are exposed on the LAN interface with hardcoded root credentials. The default credentials are root:12345678. Users cannot disable these services or change the password, as the management GUI password does not affect SSH or TELNET authentication. This flaw allows any attacker on the LAN to log in with root privileges.

Impact

Exploitation of this vulnerability allows for unauthorized access to the router with root privileges, enabling potential modification of router settings or interception of network traffic.

Added: Jan 8, 2026, 9:21 PM

Updated: Jan 8, 2026, 10:20 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.0

remediation

0.0

relevance

2.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.0

remediation

0.0

relevance

2.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

KAYSUS KS-WR1200 Hardcoded Credential Vulnerability in SSH and TELNET Services

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating