CVE-2024-54767

HIGH NUCLEI

AVM FRITZ!Box 7530 AX v7.59 - Info Disclosure

Title source: llm

Description

An access control issue in the component /juis_boxinfo.xml of AVM FRITZ!Box 7530 AX v7.59 allows attackers to obtain sensitive information without authentication. NOTE: this is disputed by the Supplier because it cannot be reproduced, and the issue report focuses on an unintended configuration with direct Internet exposure.

Nuclei Templates (1)

AVM FRITZ!Box 7530 AX - Unauthorized Access

HIGHVERIFIEDby DhiyaneshDK

FOFA: body="FRITZ!Box 7530"

References (2)

[Various Sources] https://github.com/Shuanunio/CVE_Requests/blob/main/AVM/fritz/AVM_FRITZ%21Box_7530%20AX_unauthorized_access_vulnerability_first.md

View Writeup ZIP pw:eip

[Issue Tracking] https://github.com/Shuanunio/CVE_Requests/issues/1

Scores

CVSS v3 7.5

EPSS 0.0451

EPSS Percentile 89.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-203

Status published

Published Jan 06, 2025

Tracked Since Feb 18, 2026