eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because this interface can access the CMD_EXEC virtual device type 28.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
eq-3 homematic_ccu2_firmware 2.41.5 |
||
eq-3 homematic_ccu2_firmware 2.41.9 |
||
eq-3 homematic_ccu2_firmware 2.35.16 |
||
eq-3 homematic_ccu2_firmware 2.45.7 |
||
eq-3 homematic_ccu2_firmware 2.47.10 |
||
eq-3 homematic_ccu2_firmware 2.47.12 |
||
eq-3 homematic_ccu2_firmware 2.47.15 |
||
eq-3 homematic_ccu2_firmware 2.41.8 |
||
eq-3 homematic_ccu2_firmware 2.45.6 |
||
eq-3 homematic_ccu3_firmware 3.47.10 |
||
eq-3 homematic_ccu3_firmware 3.41.11 |
||
eq-3 homematic_ccu3_firmware 3.43.16 |
||
eq-3 homematic_ccu3_firmware 3.45.5 |
||
eq-3 homematic_ccu3_firmware 3.45.7 |
||
eq-3 homematic_ccu3_firmware 3.47.15 |