CVE-2024-11980 (CVSS 10): Critical Flaw in Billion Electric Routers

TWCERT/CC disclosed multiple vulnerabilities affecting several Billion Electric router models, including the M100, M150, M120N, and M500. These vulnerabilities range in severity, with the most critical (CVE-2024-11980) receiving a CVSSv3 score of 10.0, indicating a high potential for exploitation.

CVE-2024-11980: Missing Authentication

This critical vulnerability allows unauthenticated, remote attackers to exploit a missing authentication check in a specific functionality. Successful exploitation could enable attackers to:

• Obtain sensitive device information.
• Modify the Wi-Fi SSID, potentially disrupting network connectivity or facilitating further attacks.
• Restart the device, causing denial of service.

Other Vulnerabilities

In addition to the critical missing authentication vulnerability, TWCERT/CC also identified the following:

• CVE-2024-11981 (CVSSv3 7.5): Authentication Bypass: Enables unauthorized access to arbitrary web pages, potentially exposing sensitive user data.
• CVE-2024-11982 (CVSSv3 7.2): Plaintext Storage of a Password: Allows attackers with administrator privileges to retrieve user passwords stored in plaintext.
• CVE-2024-11983 (CVSSv3 7.2): OS Command Injection: Permits remote attackers with administrator privileges to inject and execute arbitrary system commands.

Mitigation

Billion Electric has released firmware updates to address these vulnerabilities. Users of affected router models are strongly advised to update their firmware to the following versions:

• Firmware version 1.04.1.592.x: Update to 1.04.1.592.8 or later.
• Firmware version 1.04.1.613.x: Update to 1.04.1.613.13 or later.
• All other firmware version 1.04.1.x: Update to 1.04.1.675 or later.

TWCERT/CC recommends that users prioritize updating their devices to mitigate the risk of exploitation.

Related Posts:

• Aruba Networks fixes multiple vulnerabilities in Aruba Access Points
• VMware Issues Critical Patches for ESXi, Workstation, Fusion, & Cloud Foundation
• VMware Addresses Critical Security Vulnerabilities in Workstation and Fusion
• VMware patches a high vulnerability in vCenter Server
• Critical auth bypass flaw in multiple VMware products