CVE-2024-54767 Scanner

CVE-2024-54767 Scanner - Information Disclosure vulnerability in AVM FRITZ!Box 7530 AX

Short Info

Level: High
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 3 weeks 8 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox: -

AVM FRITZ!Box 7530 AX is a popular router used worldwide for both home and small business internet access. It provides robust broadband connectivity, voice services, and advanced networking capabilities. The device is favored for its easy setup, reliable performance, and broad support for various standards. Users can manage their network settings easily via a web-based interface. The FRITZ!Box 7530 AX also supports wireless connections, catering to mobile and static devices alike and featuring parental controls and guest access functions. Its flexibility and versatility make it suitable for diverse networking environments.

The information disclosure vulnerability identified in the FRITZ!Box 7530 AX allows unauthorized users to obtain sensitive information. The access control issue is located in the /juis_boxinfo.xml component, which lacks proper authentication measures. By exploiting this flaw, an attacker can retrieve confidential data that should be protected. Such vulnerabilities can arise from insufficient validation or overly permissive access controls. The vulnerability poses significant security risks if an attacker gains access to sensitive data such as configurations, network details, or user information.

Technically, the issue lies in the /juis_boxinfo.xml endpoint, which exposes sensitive information. An HTTP GET request to this endpoint returns the data without any authentication check, so the response can give an attacker system details and internal configurations. A 200 status code together with an XML content type indicates that the endpoint is unprotected, and XML content in the response body confirms that information was retrieved without authorization. The vulnerability can be abused through simple HTTP requests directed at vulnerable devices.
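The response check described above (200 status, XML content type, XML body), as an added example that is not the scanner's own code: it classifies already-captured responses to an unauthenticated GET of /juis_boxinfo.xml, offline. The function names, the size cap and the sample responses are constructed for illustration, and the sample XML uses placeholder element names rather than the device's real schema.

```python
import xml.etree.ElementTree as ET

MAX_BODY = 64 * 1024  # assumed size cap; refuse to parse anything larger

def classify_response(status, content_type, body):
    """Classify one unauthenticated GET response for /juis_boxinfo.xml.

    Returns "exposed", "protected" or "inconclusive".
    """
    if status in (401, 403):
        return "protected"        # the device demanded authentication
    if status != 200:
        return "inconclusive"     # redirect, 404, error page, ...
    media_type = (content_type or "").split(";", 1)[0].strip().lower()
    if media_type not in ("text/xml", "application/xml") and not media_type.endswith("+xml"):
        return "inconclusive"     # e.g. an HTML login page served with 200
    # The body is untrusted input: skip oversized bodies and DTDs (entity expansion).
    if len(body) > MAX_BODY or b"<!DOCTYPE" in body.upper():
        return "inconclusive"
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return "inconclusive"     # XML content type but malformed body
    # Any element with text means device data was returned without a login.
    has_data = any((el.text or "").strip() for el in root.iter())
    return "exposed" if has_data else "inconclusive"

# Constructed sample responses: (status, Content-Type, body). The element
# names are placeholders, not the device's real schema.
SAMPLES = {
    "open": (200, "text/xml; charset=utf-8",
             b"<?xml version='1.0'?><BoxInfo><Name>EXAMPLE-MODEL</Name></BoxInfo>"),
    "login": (200, "text/html", b"<html><body>Login</body></html>"),
    "denied": (403, "text/xml", b""),
    "empty": (200, "application/xml", b"<BoxInfo/>"),
    "dtd": (200, "text/xml", b"<!DOCTYPE x [<!ENTITY a 'b'>]><x>&a;</x>"),
}

def audit(samples):
    """Map each sample name to its verdict."""
    return {name: classify_response(*resp) for name, resp in samples.items()}

if __name__ == "__main__":
    for name, verdict in audit(SAMPLES).items():
        print(f"{name:8} {verdict}")
```

Only the "exposed" verdict corresponds to the condition the scanner reports; a 200 response carrying an HTML login page or an empty XML document is deliberately not counted.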

Exploiting this vulnerability could potentially lead to severe data breaches and privacy issues. Sensitive information such as network configurations, IP addresses, and device-specific settings could be extracted. Malicious entities may leverage this data for further attacks or unauthorized access. Privacy intrusions might compromise the security of communication and stored data on the network. The exposure of this information might also provide a roadmap for more targeted exploits, enhancing the risk of significant network compromise. Unauthorized data access might undermine user trust and lead to legal repercussions regarding privacy rights.
