VYPR

Homematic CCU2

by eQ-3

CVEs (28)

  • CVE-2018-7299HigFeb 22, 2018
    risk 0.52cvss 8.0epss 0.01

    Remote Code Execution in the addon installation process in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows authenticated attackers to create or overwrite arbitrary files or install malicious software on the device.

  • CVE-2019-9726HigMay 13, 2019
    risk 0.50cvss 7.5epss 0.16

    Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.

  • CVE-2019-9582HigAug 14, 2019
    risk 0.49cvss 7.5epss 0.02

    eQ-3 Homematic CCU2 outdated base software packages allows Denial of Service. CCU2 affected versions: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15.

  • CVE-2019-14474HigAug 7, 2019
    risk 0.49cvss 7.5epss 0.02

    eQ-3 Homematic CCU3 3.47.15 and prior has Improper Input Validation in function 'Call()' of ReGa core logic process, resulting in the ability to start a Denial of Service. Due to Improper Authorization an attacker can obtain a session ID from CVE-2019-9583 or a valid…

  • CVE-2019-14475HigAug 5, 2019
    risk 0.49cvss 7.5epss 0.02

    eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID from CVE-2019-9583, resulting in the ability to read the service messages, clear the system protocol, create a…

  • CVE-2019-9727HigMay 13, 2019
    risk 0.49cvss 7.5epss 0.02

    Unauthenticated password hash disclosure in the User.getUserPWD method in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to retrieve the GUI password hashes of GUI users. This vulnerability can be exploited by unauthenticated attackers with access to the web…

  • CVE-2019-15849HigOct 17, 2019
    risk 0.48cvss 7.3epss 0.01

    eQ-3 HomeMatic CCU3 firmware 3.41.11 allows session fixation. An attacker can create session IDs and send them to the victim. After the victim logs in to the session, the attacker can use that session. The attacker could create SSH logins after a valid session and easily…

  • CVE-2018-7296MedFeb 22, 2018
    risk 0.35cvss 5.3epss 0.02

    Directory Traversal / Arbitrary File Read in User.getLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to read the first line of an arbitrary file on the CCU2's filesystem. This vulnerability can be exploited by unauthenticated attackers with…

Page 2 of 2