CVERadar

CVE-2024-54767

Severity: High
SVRS: 68/100
CVSSv3: 7.5/10
EPSS: 0.07753/1

CVE-2024-54767 is a reported access control vulnerability in AVM FRITZ!Box 7530 AX v7.59, potentially exposing sensitive information. Specifically, the /juis_boxinfo.xml component is affected. While the vendor disputes the vulnerability's reproducibility and attributes it to a misconfiguration leading to direct internet exposure, it remains a point of concern. The CVSS score is 7.5. However, with a SOCRadar Vulnerability Risk Score (SVRS) of 68, the risk level suggests careful monitoring and possible investigation rather than immediate critical action. Successful exploitation could allow unauthorized access to sensitive device information, impacting device security and privacy. Users should review their FRITZ!Box configuration to ensure it's not directly exposed to the Internet and stay updated on any official vendor statements. Although categorized under CWE-203 (Information Exposure), the contested nature of this vulnerability warrants a cautious approach to remediation.

In The Wild
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2025-04-02

2025-01-06

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-54767 | AVM Fritz Box 7530 AX 7.59 /juis_boxinfo.xml information disclosure
vuldb.com, 2025-01-07
A vulnerability classified as problematic was found in AVM Fritz Box 7530 AX 7.59. Affected by this vulnerability is an unknown functionality of the file /juis_boxinfo.xml. The manipulation leads to information disclosure. This vulnerability is known as CVE-2024-54767. The attack needs to be done within the local network. There is

Social Media

CVE-2024-54767 Unauthorized Access to Sensitive Data in AVM FRITZ!Box 7530 AX An access control issue is found in the /juis_boxinfo.xml component of AVM FRITZ!Box 7530 AX v7.59. This issue lets attackers get sens... https://t.co/nBGvTxKMG3
CVE-2024-54767 An access control issue in the component /juis_boxinfo.xml of AVM FRITZ!Box 7530 AX v7.59 allows attackers to obtain sensitive information without authentication. https://t.co/SOAOKhU4fz

Affected Software

No affected software found for this CVE

References

Reference | Link
CVE@MITRE.ORG | https://github.com/Shuanunio/CVE_Requests/blob/main/AVM/fritz/AVM_FRITZ%21Box_7530%20AX_unauthorized_access_vulnerability_first.md
GITHUB | https://github.com/Shuanunio/CVE_Requests/blob/main/AVM/fritz/AVM_FRITZ!Box_7530%20AX_unauthorized_access_vulnerability_first.md

CWE Details

CWE ID | CWE Name | Description
CWE-203 | Observable Discrepancy | The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.
