cbcvebase.

Billion Electric M100 vulnerabilities

5 known vulnerabilities affecting billion_electric/m100.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH5

Vulnerabilities

Page 1 of 1
CVE-2024-11980P2HIGHCVSS 8.6≥ 1.04.1.592.*, < 1.04.1.592.8≥ 1.04.1.613.*, < 1.04.613.13+1 more2024-11-29
CVE-2024-11980 [HIGH] CWE-306 CVE-2024-11980: Certain modes of routers from Billion Electric have a Missing Authentication vulnerability, allowing Certain modes of routers from Billion Electric have a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly access the specific functionality to obtain partial device information, modify the WiFi SSID, and restart the device.
nvd
CVE-2024-11981P3HIGHCVSS 7.5≥ 1.04.1.592.*, < 1.04.1.592.8≥ 1.04.1.613.*, < 1.04.1.613.13+1 more2024-11-29
CVE-2024-11981 [HIGH] CWE-288 CVE-2024-11981: Certain models of routers from Billion Electric has an Authentication Bypass vulnerability, allowing Certain models of routers from Billion Electric has an Authentication Bypass vulnerability, allowing unautheticated attackers to retrive contents of arbitrary web pages.
nvd
CVE-2024-11983P3HIGHCVSS 7.2≥ 1.04.1.592.*, < 1.04.1.592.8≥ 1.04.1.613.*, < 1.04.1.613.13+1 more2024-11-29
CVE-2024-11983 [HIGH] CWE-78 CVE-2024-11983: Certain models of routers from Billion Electric has an OS Command Injection vulnerability, allowing Certain models of routers from Billion Electric has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject arbitrary system commands into a specific SSH function and execute them on the device.
nvd
CVE-2024-11982P3HIGHCVSS 7.2≥ 1.04.1.592.*, < 1.04.1.592.8≥ 1.04.1.613.*, < 1.04.1.613.13+1 more2024-11-29
CVE-2024-11982 [HIGH] CWE-256 CVE-2024-11982: Certain models of routers from Billion Electric has a Plaintext Storage of a Password vulnerability. Certain models of routers from Billion Electric has a Plaintext Storage of a Password vulnerability. Remote attackers with administrator privileges can access the user settings page to retrieve plaintext passwords.
nvd
CVE-2025-1143P3HIGHCVSS 8.4≥ 1.04.1.159.*, < 1.04.1.592.10≥ 1.04.1.613.*, < 1.04.1.613.14+1 more2025-02-11
CVE-2025-1143 [HIGH] CWE-798 CVE-2025-1143: Certain models of routers from Billion Electric has hard-coded embedded linux credentials, allowing Certain models of routers from Billion Electric has hard-coded embedded linux credentials, allowing attackers to log in through the SSH service using these credentials and obtain root privilege of the system.
nvd
Billion Electric M100 vulnerabilities | cvebase