eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the E...
High severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Jan 28, 2023
Description
Published by the National Vulnerability Database
Nov 14, 2019
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Jan 28, 2023
eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the E-Mail AddOn through 1.6.8.c installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the save.cgi script for payload upload and the testtcl.cgi script for its execution.
References