{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-11980",
"ASSIGNER": "cve@cert.org.tw",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain modes of routers from Billion Electric have a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly access the specific functionality to obtain partial device information, modify the WiFi SSID, and restart the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function",
"cweId": "CWE-306"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Billion Electric",
"product": {
"product_data": [
{
"product_name": "M100",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M150",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M120N",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
},
{
"product_name": "M500",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.8"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.613.13"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.675"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-8273-95a07-1.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/tw/cp-132-8273-95a07-1.html"
},
{
"url": "https://www.twcert.org.tw/en/cp-139-8274-01e55-2.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/en/cp-139-8274-01e55-2.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TVN-202411025",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For firmware version 1.04.1.592.x, please update to 1.04.1.592.8 or later.
For firmware version 1.04.1.613.x, please update to 1.04.1.613.13 or later.
For all other firmware version 1.04.1.x, please update to 1.04.1.675 or later.
"
}
],
"value": "For firmware version 1.04.1.592.x, please update to 1.04.1.592.8 or later.\nFor firmware version 1.04.1.613.x, please update to 1.04.1.613.13 or later.\nFor all other firmware version 1.04.1.x, please update to 1.04.1.675 or later."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}
}