eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn prior to 2.3.0 installed allow administrative operations by unauthenticated attackers with access to the web interface, because features such as File-Browser and Shell Command (as well as "Set root password") are exposed.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
eq-3 homematic_ccu2_firmware |
||
eq-3 homematic_ccu3_firmware |