VYPR

Homematic Central Control Unit CCU2

by eQ-3

CVEs (1)

  • CVE-2020-12834CriMay 15, 2020
    risk 0.65cvss 9.8epss 0.11

    eQ-3 Homematic Central Control Unit (CCU)2 through 2.51.6 and CCU3 through 3.51.6 allow Remote Code Execution in the JSON API Method ReGa.runScript, by unauthenticated attackers with access to the web interface, due to the default auto-login feature being enabled during…