Critical Vulnerability in Billion Electric Routers

CVE-2025-1143 is a vulnerability affecting certain models of Billion Electric routers. It stems from hard-coded embedded Linux credentials, which could allow attackers to log in through the SSH service and gain root privileges on the device. The Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) issued a security advisory regarding this vulnerability, assigning it a CVSS score of 8.4.


The following Billion Electric router models are affected:
  • M100
  • M150
  • M120N
  • M500

Billion Electric has released firmware updates to address the CVE-2025-1143 vulnerability. Users of the affected router models are strongly advised to update their devices to the latest firmware versions as soon as possible.

The following firmware updates are available:
  • For firmware version 1.04.1.592.x, please update to 1.04.1.592.10 or later.
  • For firmware version 1.04.1.613.x, please update to 1.04.1.613.14 or later.
  • For all other firmware version 1.04.1.x, please update to 1.04.1.676 or later.
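
The three update rules above can be turned into an inventory check. The following is an added example, not code from Billion Electric or TWCERT/CC; the function names and the sample hostnames are hypothetical, and the inventory is constructed for illustration. Versions are compared numerically, because a string comparison would rank 1.04.1.592.9 above 1.04.1.592.10.

```python
import re

# Minimum fixed builds per firmware branch, taken from the list above.
BRANCH_FIXES = {592: 10, 613: 14}   # 1.04.1.<branch>.<patch>
GENERAL_FIX = 676                   # every other 1.04.1.<build>

VERSION_RE = re.compile(r"^1\.04\.1\.(\d+)(?:\.(\d+))?$")


def firmware_status(version: str) -> str:
    """Return 'fixed', 'update-required' or 'unknown' for a firmware string."""
    m = VERSION_RE.match(version.strip())
    if not m:
        # Outside 1.04.1.x: the advisory text gives no guidance.
        return "unknown"
    build = int(m.group(1))
    # A missing fifth component is treated as patch level 0 (assumption).
    patch = int(m.group(2)) if m.group(2) is not None else 0
    if build in BRANCH_FIXES:
        # Branch rule takes precedence over the general 676 threshold.
        return "fixed" if patch >= BRANCH_FIXES[build] else "update-required"
    return "fixed" if build >= GENERAL_FIX else "update-required"


def audit(inventory: dict) -> dict:
    """Map each device that still needs attention to its status."""
    findings = {}
    for host, version in inventory.items():
        status = firmware_status(version)
        if status != "fixed":
            findings[host] = status
    return findings


# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE_INVENTORY = {
    "site-a-m100": "1.04.1.592.9",
    "site-b-m150": "1.04.1.592.10",
    "site-c-m120n": "1.04.1.613.13",
    "site-d-m500": "1.04.1.600",
    "site-e-m500": "1.04.1.676",
    "site-f-m100": "2.00.0.1",
}

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```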

In addition to updating their firmware, users are advised to take the following steps to mitigate the risk of exploitation:
  • Change the default SSH password to a strong, unique password.
  • Disable SSH access from the internet if it is not required.
  • Enable automatic firmware updates to ensure that devices are always running the latest security patches.
  • Monitor network traffic for suspicious activity.

An attacker could exploit this vulnerability by logging in through the SSH service using the hard-coded credentials, thereby gaining root privileges on the device. Root access would enable attackers to bypass critical security mechanisms such as firewalls, intrusion detection systems, and logging, further obscuring their activities. This could also result in significant data breaches and leakage, giving attackers access to all data stored on the system, including sensitive or proprietary information that could be stolen or publicly disclosed.


Crow

physics, information technologies, author, educator
