Posted by RedTeam Pentesting GmbH on Jan 07

Advisory: AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated
Firmware Images

The firmware upgrade process of the FRITZ!Box 7490 is flawed. Specially
crafted firmware images can overwrite critical files. Arbitrary code can
be executed if an attempt is made to install such a manipulated firmware
image.

Details
=======
Product: AVM FRITZ!Box 7490, possibly others
Affected Versions: versions prior to 6.30 [0]
Fixed Versions: >=…