CVE-2024-11980 Information

Description

Certain modes of routers from Billion Electric have a Missing Authentication vulnerability allowing unauthenticated remote attackers to directly access the specific functionality to obtain partial device information modify the WiFi SSID and restart the device.

Reference

https://www.twcert.org.tw/en/cp-139-8274-01e55-2.html https://www.twcert.org.tw/tw/cp-132-8273-95a07-1.html