VYPR
Unrated severity · NVD Advisory · Published Nov 17, 2023 · Updated Sep 4, 2024

CVE-2020-11448

Description

An issue was discovered on Bell HomeHub 3000 SG48222070 devices. There is XSS related to the email field and the login page.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Bell HomeHub 3000 devices have a stored XSS vulnerability in the email field on the login page, allowing arbitrary script execution.

Vulnerability

CVE-2020-11448 describes a stored cross-site scripting (XSS) vulnerability in Bell HomeHub 3000 modems (model SG48222070). The vulnerability resides in the email field on the device's login page. An attacker can inject malicious JavaScript that is stored and later executed when an administrator or user views the affected page. This issue affects the Bell HomeHub 3000 running firmware identified by SG48222070.

Exploitation

To exploit this vulnerability, an attacker needs to be able to submit or modify the email field on the login page, which likely requires prior authenticated access to the device's management interface. The attacker injects a crafted payload into the email field. When another user (such as an administrator) views the login page or a page that displays this user-controlled value, the injected script executes in the context of the victim's session. No further user interaction beyond viewing the page is required after the injection.

Impact

Successful exploitation allows an attacker to execute arbitrary JavaScript in the context of the victim's browser session on the HomeHub 3000 management interface. This can lead to session hijacking, credential theft (via form data capture), or defacement of the interface. If an administrator is the target, the attacker could potentially perform administrative actions on the device, compromising network configuration and security.

Mitigation

Bell has not provided a fix or advisory for CVE-2020-11448 in the available references. Reference [1] describes general access control features but does not address this specific vulnerability. Users are advised to restrict physical and network access to the HomeHub 3000 management interface, use strong credentials, and monitor the email field for unexpected content. If the device is end-of-life, consider replacing it with a supported model. No patch or workaround is documented in the referenced materials.

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
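One way to act on the "monitor the email field for unexpected content" advice in the Mitigation section, shown as an added example that is not code from Bell, the NVD record, or this page's sources. It assumes the stored email values have been copied out of the management interface by hand; every function name and sample value is constructed for illustration.

```javascript
// Added example: audit stored e-mail values and encode them before display.
// All names and sample values here are constructed for illustration.

// Conservative allowlist for a mailbox address: no spaces, quotes or markup.
const EMAIL_RE = /^[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9.-]{1,253}\.[A-Za-z]{2,63}$/;

// Characters that change meaning inside HTML text or attribute values.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode a value so a browser treats it as text, never as markup.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Classify one stored value: which checks it fails, and a display-safe form.
function auditEmailField(value) {
  const text = String(value);
  const findings = [];
  if (!EMAIL_RE.test(text)) findings.push('not-a-plain-address');
  if (/[<>"'`]/.test(text)) findings.push('markup-characters');
  if (/[\u0000-\u001f\u007f]/.test(text)) findings.push('control-characters');
  if (text.length > 254) findings.push('too-long');
  return { ok: findings.length === 0, findings, safeDisplay: escapeHtml(text) };
}

// Run the audit over a list of values and return only the ones needing review.
function reviewQueue(values) {
  return values
    .map((v) => ({ value: v, ...auditEmailField(v) }))
    .filter((r) => !r.ok);
}

// Constructed sample values, as copied from a settings page for review.
const SAMPLE_VALUES = [
  'owner@example.com',
  '<b>owner</b>@example.com',
  'owner@example.com" data-x="1',
];

// Print each flagged value in its encoded form so the report itself is inert.
for (const r of reviewQueue(SAMPLE_VALUES)) {
  console.log(r.findings.join(','), '=>', r.safeDisplay);
}
```

The report prints only the encoded form, so a flagged value cannot execute in whatever tool is used to view the results.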

Affected products

2

Patches

0

No patches discovered yet.

References

2
