cbcvebase.
CVE-2024-11980
published 2024-11-29

CVE-2024-11980: Certain modes of routers from Billion Electric have a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly access the…

PriorityP258high8.6CVSS 3.1
AVNACLPRNUINSUCLILAH
EPSS
0.46%
36.8th percentile
Certain modes of routers from Billion Electric have a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly access the specific functionality to obtain partial device information, modify the WiFi SSID, and restart the device.

Affected

12 ranges
VendorProductVersion rangeFixed in
billion_electricm100>= 1.04.1.* < 1.04.1.6751.04.1.675
billion_electricm100>= 1.04.1.592.* < 1.04.1.592.81.04.1.592.8
billion_electricm100>= 1.04.1.613.* < 1.04.613.131.04.613.13
billion_electricm120n>= 1.04.1.* < 1.04.1.6751.04.1.675
billion_electricm120n>= 1.04.1.592.* < 1.04.1.592.81.04.1.592.8
billion_electricm120n>= 1.04.1.613.* < 1.04.613.131.04.613.13
billion_electricm150>= 1.04.1.* < 1.04.1.6751.04.1.675
billion_electricm150>= 1.04.1.592.* < 1.04.1.592.81.04.1.592.8
billion_electricm150>= 1.04.1.613.* < 1.04.613.131.04.613.13
billion_electricm500>= 1.04.1.* < 1.04.1.6751.04.1.675
billion_electricm500>= 1.04.1.592.* < 1.04.1.592.81.04.1.592.8
billion_electricm500>= 1.04.1.613.* < 1.04.613.131.04.613.13
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.