cbcvebase.
CVE-2025-1143
published 2025-02-11

CVE-2025-1143: Certain models of routers from Billion Electric has hard-coded embedded linux credentials, allowing attackers to log in through the SSH service using these…

PriorityP345high8.4CVSS 3.1
AVLACLPRNUINSUCHIHAH
EPSS
0.18%
7.7th percentile
Certain models of routers from Billion Electric has hard-coded embedded linux credentials, allowing attackers to log in through the SSH service using these credentials and obtain root privilege of the system.

Affected

12 ranges
VendorProductVersion rangeFixed in
billion_electricm100>= 1.04.1.* < 1.04.1.6761.04.1.676
billion_electricm100>= 1.04.1.159.* < 1.04.1.592.101.04.1.592.10
billion_electricm100>= 1.04.1.613.* < 1.04.1.613.141.04.1.613.14
billion_electricm120n>= 1.04.1.* < 1.04.1.6761.04.1.676
billion_electricm120n>= 1.04.1.592.* < 1.04.1.592.101.04.1.592.10
billion_electricm120n>= 1.04.1.613.* < 1.04.1.613.141.04.1.613.14
billion_electricm150>= 1.04.1.* < 1.04.1.6761.04.1.676
billion_electricm150>= 1.04.1.592.* < 1.04.1.592.101.04.1.592.10
billion_electricm150>= 1.04.1.613.* < 1.04.1.613.141.04.1.613.14
billion_electricm500>= 1.04.1.* < 1.04.1.6761.04.1.676
billion_electricm500>= 1.04.1.592.* < 1.04.1.592.101.04.1.592.10
billion_electricm500>= 1.04.1.613.* < 1.04.1.613.141.04.1.613.14
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.