Avm

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-26887 1Avm 1Fritz!box 7490 Firmware Nov 21, 2024 Oct 23, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 FRITZ!OS before 7.21 on FRITZ!Box devices allows a bypass of a DNS Rebinding protection mechanism.
CVE-2017-8087 1Avm 1Fritz!os Nov 21, 2024 Oct 22, 2019 N/A· v4 2.4 LOW· v3 2.1 LOW· v2 Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 7490 with Firmware versions Fritz!OS 6.80 and 6.83 allows physically proximate attackers to view slices of previously transmitted packets or portions of memory...Show more Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 7490 with Firmware versions Fritz!OS 6.80 and 6.83 allows physically proximate attackers to view slices of previously transmitted packets or portions of memory via via unspecified vectors.Show less
CVE-2014-8872 1Avm 2Fritz!box 6810 Lte Firmware Fritz!box 6840 Lte Firmware May 13, 2026 Aug 29, 2017 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Improper Verification of Cryptographic Signature in AVM FRITZ!Box 6810 LTE after firmware 5.22, FRITZ!Box 6840 LTE after firmware 5.23, and other models with firmware 5.50.
CVE-2015-7242 1Avm 1Fritz! Os May 6, 2026 Jan 12, 2016 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVIT...Show more Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message.Show less
CVE-2014-8886 1Avm 1Fritz! Os May 6, 2026 Jan 8, 2016 N/A· v4 8.1 HIGH· v3 9.3 HIGH· v2 AVM FRITZ!OS before 6.30 extracts the contents of firmware updates before verifying their cryptographic signature, which allows remote attackers to create symlinks or overwrite critical files, and consequently execute ar...Show more AVM FRITZ!OS before 6.30 extracts the contents of firmware updates before verifying their cryptographic signature, which allows remote attackers to create symlinks or overwrite critical files, and consequently execute arbitrary code, via a crafted firmware image.Show less
CVE-2014-9727 1Avm 1Fritzbox May 6, 2026 May 29, 2015 N/A· v4 N/A· v3 10.0 HIGH· v2 AVM Fritz!Box allows remote attackers to execute arbitrary commands via shell metacharacters in the var:lang parameter to cgi-bin/webcm.
CVE-2007-0431 1Avm 1Fritzbox Apr 23, 2026 Jan 23, 2007 N/A· v4 N/A· v3 7.8 HIGH· v2 AVM Fritz!Box 7050, and possibly other product models, allows remote attackers to cause a denial of service (VoIP application crash) via a zero-length UDP packet to the SIP port (port 5060).
CVE-2000-0262 1Avm 1Ken Apr 16, 2026 Apr 12, 2000 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed request.
CVE-2000-0261 1Avm 1Ken Apr 16, 2026 Apr 12, 2000 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.