CVE-2024-54767

HIGH NUCLEI

AVM FRITZ!Box 7530 AX v7.59 - Info Disclosure

Title source: llm

Exploitation Summary

CVE-2024-54767 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.

Description

An access control issue in the component /juis_boxinfo.xml of AVM FRITZ!Box 7530 AX v7.59 allows attackers to obtain sensitive information without authentication. NOTE: this is disputed by the Supplier because it cannot be reproduced, and the issue report focuses on an unintended configuration with direct Internet exposure.

Nuclei Templates (1)

AVM FRITZ!Box 7530 AX - Unauthorized Access

HIGHVERIFIEDby DhiyaneshDK

FOFA: body="FRITZ!Box 7530"

References (2)

Core 2

Core References

Various Sources

https://github.com/Shuanunio/CVE_Requests/blob/main/AVM/fritz/AVM_FRITZ%21Box_7530%20AX_unauthorized_access_vulnerability_first.md

View Writeup ZIP pw:eip

Issue Tracking

https://github.com/Shuanunio/CVE_Requests/issues/1

Scores

CVSS v3 7.5

EPSS 0.0177

EPSS Percentile 75.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-203

Status published

Published Jan 06, 2025

Tracked Since Feb 18, 2026