Medium severity5.3NVD Advisory· Published Feb 22, 2018· Updated Jun 17, 2026
CVE-2018-7296
CVE-2018-7296
Description
Directory Traversal / Arbitrary File Read in User.getLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to read the first line of an arbitrary file on the CCU2's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=2.29.2
Patches
Vulnerability mechanics
References
1- atomic111.github.io/article/homematic-ccu2-filereadnvdThird Party Advisory
News mentions
0No linked articles in our index yet.