CVE-2025-1143

Billion Electric M120N - Use of Hard-coded Credentials

Description

Certain models of routers from Billion Electric has hard-coded embedded linux credentials, allowing attackers to log in through the SSH service using these credentials and obtain root privilege of the system.

INFO

Published Date :

2025-02-11T03:17:22.510Z

Last Modified :

2025-02-18T18:00:30.733Z

Source :

twcert

AFFECTED PRODUCTS

The following products are affected by CVE-2025-1143 vulnerability.

Vendors	Products
Billion Electric	M120n

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-1143.

URL	Resource
https://www.twcert.org.tw/en/cp-139-8414-096ce-2.html
https://www.twcert.org.tw/tw/cp-132-8413-ec9a5-1.html

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact