AVM FRITZ!Box Firmware Signature Bypass CVE-2014-8872
- CVSSv3 Score
- Vulnerability description
Multiple AVM FRITZ!Box devices are using an improper verification of cryptographic signatures.
- Risk description
The signature check of FRITZ!Box firmware images is flawed. Malicious code can be injected into firmware images without breaking the RSA signature. The code will be executed either if a manipulated firmware image is uploaded by the victim or if the victim confirms an update on the webinterface during a MITM attack.
Updates are available. Please see the references or the script output on the available updates for the matching model.
- Not available