{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-11981",
"ASSIGNER": "cve@cert.org.tw",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain models of routers from Billion Electric has an Authentication Bypass vulnerability, allowing unautheticated attackers to retrive contents of arbitrary web pages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel",
"cweId": "CWE-288"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Billion Electric",
"product": {
"product_data": [
{
"product_name": "M100",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M150",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M120N",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M500",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-8275-50f42-1.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/tw/cp-132-8275-50f42-1.html"
},
{
"url": "https://www.twcert.org.tw/en/cp-139-8276-1defb-2.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/en/cp-139-8276-1defb-2.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TVN-202411026",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For firmware version 1.04.1.592.x, please update to 1.04.1.592.8 or later.
For firmware version 1.04.1.613.x, please update to 1.04.1.613.13 or later.
For all other firmware version 1.04.1.x, please update to 1.04.1.675 or later.
"
}
],
"value": "For firmware version 1.04.1.592.x, please update to 1.04.1.592.8 or later.\nFor firmware version 1.04.1.613.x, please update to 1.04.1.613.13 or later.\nFor all other firmware version 1.04.1.x, please update to 1.04.1.675 or later."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}
}