VYPR

CUx-Daemon

by eQ-3

CVEs (2)

  • CVE-2019-14423HigOct 17, 2019
    risk 0.59cvss 8.8epss 0.20

    A Remote Code Execution (RCE) issue in the addon CUx-Daemon 1.11a of the eQ-3 Homematic CCU-Firmware 2.35.16 until 2.45.6 allows remote authenticated attackers to execute system commands as root remotely via a simple HTTP request.

  • CVE-2019-14424MedOct 17, 2019
    risk 0.42cvss 6.5epss 0.01

    A Local File Inclusion (LFI) issue in the addon CUx-Daemon 1.11a of the eQ-3 Homematic CCU-Firmware 2.35.16 until 2.45.6 allows remote authenticated attackers to read sensitive files via a simple HTTP Request.