CVE-2020-11447

EPSS 0.7%CWE-200

An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is intended to prove an actor's physical access to the device.

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://0xem.ma/posts/HH3K-CVE/https://support.bell.ca/Internet/Connection-help/Access_control_in_the_Home_Hub_modems