CVE-2018-7299

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
22/02/2018
Last modified:
03/10/2019

Description

Remote Code Execution in the addon installation process in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows authenticated attackers to create or overwrite arbitrary files or install malicious software on the device.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:eq-3:homematic_central_control_unit_ccu2_firmware:*:*:*:*:*:*:*:* 2.29.22 (including)
cpe:2.3:h:eq-3:homematic_central_control_unit_ccu2:-:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools