CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-11447

An issue was discovered on Bell HomeHub 3000 SG48222070 devices. Remote authenticated users can retrieve the serial number via cgi/json-req - this is an information leak because the serial number is intended to prove an actor's physical access to the device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.9%

CVSS Severity

CVSS v3 Score 4.3

References

https://0xem.ma/posts/HH3K-CVE/
https://support.bell.ca/Internet/Connection-help/Access_control_in_the_Home_Hub_modems
https://0xem.ma/posts/HH3K-CVE/
https://support.bell.ca/Internet/Connection-help/Access_control_in_the_Home_Hub_modems

Products affected by CVE-2020-11447

Bell » Home Hub 3000 » Version: N/A

cpe:2.3:h:bell:home_hub_3000:-
Bell » Home Hub 3000 Firmware » Version: sg48222070

cpe:2.3:o:bell:home_hub_3000_firmware:sg48222070

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11447

Products

Pricing

Contact Us