CVE-2024-11981

Name of the Vulnerable Software and Affected Versions: Billion M100 versions (affected versions not specified) Billion M150 versions (affected versions not specified) Billion M120N versions (affected versions not specified) Billion M500 versions (affected versions not specified)

Description: The issue is related to an authentication bypass vulnerability in certain models of Billion Electric routers. This vulnerability allows unauthenticated attackers to retrieve contents of arbitrary web pages, effectively bypassing security restrictions and gaining unauthorized access to protected information. The vulnerability can be exploited remotely.

Recommendations: For Billion M100, update to a version that fixes the authentication bypass issue. For Billion M150, update to a version that fixes the authentication bypass issue. For Billion M120N, update to a version that fixes the authentication bypass issue. For Billion M500, update to a version that fixes the authentication bypass issue. As a temporary workaround, consider restricting access to sensitive web pages until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.