CVE-2020-11447

EPSS 0.7%CWE-200

An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is intended to prove an actor's physical access to the device.

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://0xem.ma/posts/HH3K-CVE/https://support.bell.ca/Internet/Connection-help/Access_control_in_the_Home_Hub_modems