Lucene search

[email protected]CVE-2020-11448

HistoryNov 17, 2023 - 12:15 p.m.

CVE-2020-11448

2023-11-1712:15:07

CWE-79

[email protected]

web.nvd.nist.gov

cve-2020-11448

bell homehub 3000

xss

email field

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

An issue was discovered on Bell HomeHub 3000 SG48222070 devices. There is XSS related to the email field and the login page.

Affected configurations

NVD

Node

bellhome_hub_3000_firmwareMatchsg48222070

AND

bellhome_hub_3000Match-

CPENameOperatorVersion
bell:home_hub_3000_firmwarebell home hub 3000 firmwareeqsg48222070

CPE	Name	Operator	Version
bell:home_hub_3000_firmware	bell home hub 3000 firmware	eq	sg48222070

References

0xem.ma/posts/HH3K-CVE/

support.bell.ca/Internet/Connection-help/Access_control_in_the_Home_Hub_modems

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for CVE-2020-11448

prion1 cvelist1 nvd1