A Local File Inclusion (LFI) issue in the addon CUx-Daemon 1.11a of the eQ-3 Homematic CCU-Firmware 2.35.16 until 2.45.6 allows remote authenticated malicious users to read sensitive files via a simple HTTP Request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
eq-3 cux-daemon |
||
eq-3 ccu2_firmware |