Primary

Context

Billion Electric Routers Hard-Coded Credentials Vulnerability Allowing Root Access via SSH

Vulnerability

A vulnerability exists in certain Billion Electric router models, including the M100, M150, M120N, and M500. These routers have hard-coded Linux credentials that can be used to log in through the SSH service, granting root privileges on the system.

Impact

Exploitation of this vulnerability allows for unauthorized SSH access with root privileges on the affected router models.

Remediation

Users with routers on firmware version 1.04.1.592.x should update to version 1.04.1.592.10 or later. Those on version 1.04.1.613.x should update to 1.04.1.613.14 or later. For all other versions in the 1.04.1.x range, users should update to 1.04.1.676 or later.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Billion Electric Routers Hard-Coded Credentials Vulnerability Allowing Root Access via SSH

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating