PT-2024-9086 · Billion Electric · Billion Electric Routers

Chiao-Lin Yu +1 · Published 2024-11-29 · Updated 2024-12-04 · CVE-2024-11983

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Billion Electric routers (affected versions not specified)
Description: The issue concerns an OS Command Injection vulnerability in certain models of Billion Electric routers. This vulnerability allows remote attackers with administrator privileges to inject arbitrary system commands into a specific SSH function and execute them on the device. The vulnerability is related to the failure to neutralize special elements used in the operating system command.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Weakness Enumeration

Related Identifiers: BDU:2024-10768, CVE-2024-11983

Affected Products: Billion Electric Routers