Vulnerabilities > CVE-2020-11447 - Unspecified vulnerability in Bell Home HUB 3000 Firmware Sg48222070

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

bell

NVD

Published: 2023-11-17

Updated: 2023-11-25

Summary

An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is intended to prove an actor's physical access to the device.

Vulnerable Configurations

Part	Description	Count
OS	Bell Bell Home HUB 3000 Firmware Sg48222070	1
Hardware	Bell Bell Home HUB 3000 -	1

References

https://support.bell.ca/Internet/Connection-help/Access_control_in_the_Home_Hub_modems
https://0xem.ma/posts/HH3K-CVE/