CVE-2024-11980: Billion Electric router - Missing Authentication

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-11980

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Billion Electric router - Missing Authentication

Source: NVD (National Vulnerability Database)

Vulnerability Description

Certain modes of routers from Billion Electric have a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly access the specific functionality to obtain partial device information, modify the WiFi SSID, and restart the device.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

关键功能的认证机制缺失

Source: NVD (National Vulnerability Database)

Vulnerability Title

Billion Electric多款产品安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Billion Electric M100等都是中国盛达电业（Billion Electric）公司的一款无线路由器。 Billion Electric多款产品存在安全漏洞，该漏洞源于身份验证不当，允许攻击者直接访问特定功能以获取部分设备信息、修改 WiFi SSID 并重启设备。以下产品受到影响： M100、M150、M120N和M500。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Billion Electric	M100	1.04.1.592.* ~ 1.04.1.592.8	-
Billion Electric	M150	1.04.1.592.* ~ 1.04.1.592.8	-
Billion Electric	M120N	1.04.1.592.* ~ 1.04.1.592.8	-
Billion Electric	M500	1.04.1.592.* ~ 1.04.1.592.8	-

II. Public POCs for CVE-2024-11980

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-11980

Please Login to view more intelligence information

https://nvd.nist.gov/vuln/detail/CVE-2024-11980

IV. Related Vulnerabilities

Same product: M100

Same vendor: Billion Electric

Same weakness: CWE-306

V. Comments for CVE-2024-11980

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2024-11980

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-11980

III. Intelligence Information for CVE-2024-11980

IV. Related Vulnerabilities

V. Comments for CVE-2024-11980

Leave a comment