CVE-2024-54767
Published 2025-01-06
Priority: P3 · Severity: high · CVSS 3.1 base score: 7.5
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS: 1.77% (75.4th percentile)
An access control issue in the component /juis_boxinfo.xml of AVM FRITZ!Box 7530 AX v7.59 allows attackers to obtain sensitive information without authentication. NOTE: this is disputed by the Supplier because it cannot be reproduced, and the issue report focuses on an unintended configuration with direct Internet exposure.
Detection & IOCs
- HTTP GET request to the double-slash path //juis_boxinfo.xml returns HTTP 200 with Content-Type text/xml and a body containing '<e:BoxInfo'; this indicates unauthenticated access to sensitive device information.
- Response body contains the XML tag '<e:BoxInfo' as a positive indicator of successful unauthenticated information disclosure.
- Response Content-Type header is 'text/xml' when the vulnerable endpoint is successfully accessed.
- FOFA query 'body="FRITZ!Box 7530"' can be used to identify internet-exposed FRITZ!Box 7530 devices for mass-scanning detection.
- The vulnerability is disputed by the supplier (AVM) because it cannot be reproduced in standard configurations; the issue is reported to occur only when the device is directly exposed to the Internet (an unintended configuration).
- The vulnerable path uses a double-slash prefix (//juis_boxinfo.xml) rather than the canonical single-slash path, which may be relevant to bypassing access controls and should be tested specifically with the double-slash variant.
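The indicators above translate directly into detection logic for a reverse proxy or device access log: collapse repeated slashes so the //juis_boxinfo.xml variant is not missed, flag whether the request was served with HTTP 200, and check a captured response for the text/xml plus '<e:BoxInfo' fingerprint. The following is an added example, not code from this page, AVM or the Nuclei project; it assumes combined-format access-log lines, and the log lines and response bodies are constructed for illustration.

```python
import re

# Constructed access-log lines in Apache/nginx combined format (not real device logs).
SAMPLE_LOG = """\
203.0.113.7 - - [06/Jan/2025:10:01:02 +0000] "GET //juis_boxinfo.xml HTTP/1.1" 200 1842 "-" "Mozilla/5.0"
203.0.113.7 - - [06/Jan/2025:10:01:03 +0000] "GET /juis_boxinfo.xml HTTP/1.1" 403 211 "-" "Mozilla/5.0"
198.51.100.9 - - [06/Jan/2025:10:02:10 +0000] "GET /index.lua HTTP/1.1" 200 5120 "-" "curl/8.4"
"""

# Captures client IP, timestamp, method, request target and status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

BOXINFO_PATH = '/juis_boxinfo.xml'


def canonical_path(target):
    """Strip the query string and collapse runs of slashes, so that
    //juis_boxinfo.xml and /juis_boxinfo.xml compare equal."""
    path = target.split('?', 1)[0]
    return re.sub(r'/{2,}', '/', path)


def classify_request(line):
    """Return a finding for a request that reaches the boxinfo endpoint, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    raw_path = m['target'].split('?', 1)[0]
    if canonical_path(raw_path) != BOXINFO_PATH:
        return None
    status = int(m['status'])
    return {
        'src': m['ip'],
        'raw_path': raw_path,
        'double_slash': raw_path.startswith('//'),  # the variant called out above
        'status': status,
        'served': status == 200,  # 200 means the device answered, not just that it was probed
    }


def response_matches_indicator(status, content_type, body):
    """Response-side fingerprint from the IOC list: HTTP 200, text/xml, '<e:BoxInfo' in the body."""
    media_type = content_type.split(';', 1)[0].strip().lower()
    return status == 200 and media_type == 'text/xml' and '<e:BoxInfo' in body


def scan_log(text):
    """Run classify_request over every line and keep only the findings."""
    return [f for f in (classify_request(line) for line in text.splitlines()) if f]
```

In practice, a double-slash request that was served with 200 from a non-RFC1918 source is the event worth alerting on; a 403 on the same path shows the access control holding.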
No detection rules found.
Nuclei template: AVM FRITZ!Box 7530 AX - Unauthorized Access (CVE-2024-54767, severity HIGH, CVSS 7.5)
Template:
id: CVE-2024-54767

info:
  name: AVM FRITZ!Box 7530 AX - Unauthorized Access
  author: DhiyaneshDK
  severity: high
  description: |
    An access control issue in the component /juis_boxinfo.xml of AVM FRITZ!Box 7530 AX v7.59 allows attackers to obtain sensitive information without authentication.
  impact: |
    Unauthenticated attackers can access sensitive device information including firmware version, serial numbers, and configuration details through the boxinfo XML endpoint.
  remediation: |
    Update AVM FRITZ!Box 7530 AX to a version later than 7.59 that addresses the unauthorized access.
No writeups or analysis indexed.