0Xemma

**Name of the Vulnerable Software and Affected Versions** Bell HomeHub 3000 version SG48222070 **Description** An issue allows remote authenticated users to retrieve the serial number via the "cgi/json-req" endpoint. This is considered an information leak because the serial number is intended to prove an actor's physical access to the device. **Recommendations** For Bell HomeHub 3000 version SG48222070, as a temporary workaround, consider restricting access to the "cgi/json-req" endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bell HomeHub 3000 version SG48222070 **Description** An issue was discovered related to the email field and the login page, specifically a cross-site scripting (XSS) issue. **Recommendations** For version SG48222070, as a temporary workaround, consider restricting access to the login page until a patch is available. Avoid using the email field in the login page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Valve Source (affected versions not specified) **Description** The issue allows local users to gain privileges by writing to the `/tmp/hl2 relaunch` file, which is later executed in the context of a different user account. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.