QwikSec

Security Database

CVE

CWE

Training

CVE-2018-7297

Published: Feb 22, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain read/write access and execute system commands on the device. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://atomic111.github.io/article/homematic-ccu2-remote-code-execution

x_refsource_MISC

exploit

x_refsource_EXPLOIT-DB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.