Exploit for #VU95165 Command Injection in AVM1203

Published: 2024-09-06 | Updated: 2024-10-11

Vulnerability identifier: #VU95165

Vulnerability risk: High

CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2024-7029

CWE-ID: CWE-77

Exploitation vector: Network

Exploits in database: 3

October 11, 2024
- CVE-2024-7029 [Github]
September 6, 2024
- CVE-2024-7029 (A PoC tool for exploiting CVE-2024-7029 in AvTech devices, enabling RCE, vulnerability scanning, and an interactive shell.) [Github]
- CVE-2024-7029-EXPLOIT () [Github]

Vulnerable software:
AVM1203
Hardware solutions / Security hardware applicances

Vendor: AVTECH Corporation