CVE-2014-8872

HIGH

AVM FRITZ!Box - Cryptographic Signature Verification

Title source: llm
STIX 2.1

Description

Improper Verification of Cryptographic Signature in AVM FRITZ!Box 6810 LTE after firmware 5.22, FRITZ!Box 6840 LTE after firmware 5.23, and other models with firmware 5.50.

References (3)

Core 3
Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/130040/AVM-FRITZ-Box-Firmware-Signature-Bypass.html
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/Jan/86
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/534522/100/0/threaded

Scores

CVSS v3 7.8
EPSS 0.0150
EPSS Percentile 71.1%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-94
Status published
Products (2)
avm/fritz\!box_6810_lte_firmware
avm/fritz\!box_6840_lte_firmware
Published Aug 29, 2017
Tracked Since Feb 18, 2026