At the beginning of September, AVM released security patches for several Fritzbox and repeater models. Before the patch, AVM devices could be attacked via a compromised website even when remote access was disabled.
AVM Computersysteme Vertriebs GmbH is a German networking hardware manufacturer best known for its Fritzbox routers. At the beginning of September, AVM distributed “critical stability and security updates,” as heise online reported. Even nearly 15-year-old devices such as the Fritzbox 7390 received security patches from the Berlin-based hardware manufacturer.
The attack was possible even with remote access turned off
The FritzOS patch notes for build 7.57, dated September 4, 2023, mention only a security update and promise that “details […] will be published at a later date.” According to Golem, however, the patched flaw is said to be a vulnerability in the web server of AVM’s hardware.
All the attack requires is a compromised website that redirects the visitor’s browser to the Fritzbox web interface on their own local network. A password offers no protection here, because the vulnerability in the web server can be exploited even without one. In theory, attackers could therefore overwrite the configuration of Fritzbox routers even when remote access is deactivated on the devices.
Updating to version 7.57 closes the critical vulnerability
For security reasons, further details about this vulnerability in AVM devices are not described. Users of Fritzbox routers are nevertheless advised to check for the update through the Fritzbox web interface, which is reachable by default via the “fritz.box” URL in the browser. The vulnerability has been closed with FritzOS 7.57.
However, AVM does not follow a uniform version numbering scheme here: while the gap has been closed in the current FritzOS 7.57, older devices receive the security update under different version numbers, for example 6.56 or 7.31. In addition, not only Fritzboxes but also the Berlin company’s repeaters were affected by the vulnerability.