Vulnerabilities (CVE)

Vendor filter

Eq-3 Subscribe

Product filter

Homematic Ccu2 Firmware Subscribe

Filter

4 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-9584 1 Eq-3 2 Homematic Ccu2 Firmware, Homematic Ccu3 Firmware 2019-08-27 7.5
eQ-3 Homematic AddOn 'CloudMatic' on CCU2 and CCU3 allows uncontrolled admin access, resulting in the ability to obtain VPN profile details, shutting down the VPN service and to delete the VPN service configuration. This is related to improper...
CVE-2019-9582 1 Eq-3 1 Homematic Ccu2 Firmware 2019-08-27 7.8
eQ-3 Homematic CCU2 outdated base software packages allows Denial of Service. CCU2 affected versions: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15.
CVE-2019-14984 1 Eq-3 2 Homematic Ccu2 Firmware, Homematic Ccu3 Firmware 2019-08-21 6.8
eQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0 AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because the undocumented addons/xmlapi/exec.cgi script uses CMD_EXEC to execute...
CVE-2019-14985 1 Eq-3 2 Homematic Ccu2 Firmware, Homematic Ccu3 Firmware 2019-08-21 7.5
eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because this interface can access the CMD_EXEC virtual device type 28.