Remote Code Execution in eQ-3 Homematic CCU2 and CCU3 with CUxD AddOn

Remote Code Execution in eQ-3 Homematic CCU2 and CCU3 with CUxD AddOn

CVE-2019-14985 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because this interface can access the CMD_EXEC virtual device type 28.

Learn more about our Web App Pen Testing.