CVE-2024-11983

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Nov 29, 2024
CWE ID 78

Summary

CVE-2024-11983 is a newly identified vulnerability that affects certain models of routers from Billion Electric. This OS Command Injection issue grants administrators with remote access the ability to inject arbitrary system commands into a specific SSH function. Successful exploitation of this vulnerability allows attackers to execute commands on the affected device, potentially leading to unauthorized access or system compromise. It is crucial for organizations using Billion Electric routers to apply the forthcoming patch or update their configurations to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share