PT-2025-47023 · Sercomm+1 · Sercomm Vfh500+1
Daniel Monzón · Published 2025-11-14 · Updated 2025-11-15 · CVE-2022-4985
CVSS v4.0: 8.7 (High)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
Vodafone H500s devices version 3.5.10
Description
Vodafone H500s devices running firmware version 3.5.10 (hardware model Sercomm VFH500) have an issue where the WiFi access point password is exposed through an unauthenticated HTTP endpoint. An attacker can send a crafted GET request to the /data/activation.json endpoint with specific headers and cookies to retrieve a JSON document containing the wifi password field. This allows unauthorized access to the WiFi network, potentially compromising the confidentiality of network traffic and connected systems.
Recommendations
Update to a newer firmware version that addresses this issue.
Affected Products
Sercomm Vfh500
Vodafone H500S