| TVN ID | TVN-202502001 |
|---|---|
| CVE ID | CVE-2025-1143 |
| CVSS | 8.4 (High) CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | M100, M150, M120N, and M500 |
| Description | Certain models of routers from Billion Electric has hard-coded embedded linux credentials, allowing attackers to log in through the SSH service using these credentials and obtain root privilege of the system. |
| Solution | For firmware version 1.04.1.592.x, please update to 1.04.1.592.10 or later. For firmware version 1.04.1.613.x, please update to 1.04.1.613.14 or later. For all other firmware version 1.04.1.x, please update to 1.04.1.676 or later. |
| Credit | Chiao-Lin Yu (Steven Meow) |
| Public Date | 2025-02-10 |
:::