cbcvebase.
CVE-2024-11983
published 2024-11-29

CVE-2024-11983: Certain models of routers from Billion Electric has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject…

PriorityP349high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
EPSS
1.09%
61.3th percentile
Certain models of routers from Billion Electric has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject arbitrary system commands into a specific SSH function and execute them on the device.

Affected

12 ranges
VendorProductVersion rangeFixed in
billion_electricm100>= 1.04.1.* < 1.04.1.6751.04.1.675
billion_electricm100>= 1.04.1.592.* < 1.04.1.592.81.04.1.592.8
billion_electricm100>= 1.04.1.613.* < 1.04.1.613.131.04.1.613.13
billion_electricm120n>= 1.04.1.* < 1.04.1.6751.04.1.675
billion_electricm120n>= 1.04.1.592.* < 1.04.1.592.81.04.1.592.8
billion_electricm120n>= 1.04.1.613.* < 1.04.1.613.131.04.1.613.13
billion_electricm150>= 1.04.1.* < 1.04.1.6751.04.1.675
billion_electricm150>= 1.04.1.592.* < 1.04.1.592.81.04.1.592.8
billion_electricm150>= 1.04.1.613.* < 1.04.1.613.131.04.1.613.13
billion_electricm500>= 1.04.1.* < 1.04.1.6751.04.1.675
billion_electricm500>= 1.04.1.592.* < 1.04.1.592.81.04.1.592.8
billion_electricm500>= 1.04.1.613.* < 1.04.1.613.131.04.1.613.13
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.