vendor:
Fritz!Box
by:
0x4148
7.5
CVSS
HIGH
Unauthenticated remote command execution
78
CWE
Product Name: Fritz!Box
Affected Version From:
Affected Version To:
Patch Exists: YES
Related CWE:
CPE: h:avm:fritz!box
Platforms Tested:
Fritz!Box Unauthenticated Remote Command Execution
The Fritz!Box networking/voice over IP router produced by AVM is vulnerable to unauthenticated remote command execution. An attacker can exploit this vulnerability by sending a crafted request to the router's web interface, allowing them to execute arbitrary commands on the device.
Mitigation:
AVM has released a security update that addresses this vulnerability. It is recommended to apply the latest firmware update to mitigate the risk.