Eq-3 Homematic Central Control Unit Ccu2 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Eq-3 Homematic Central Control Unit Ccu2 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2018-7297 — CVSS 9.8 (critical): Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain…
CVE-2018-7301 — CVSS 9.8 (critical): eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC…
CVE-2018-7298 — CVSS 8.1 (high): In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software update packages are downloaded via the…
CVE-2018-7299 — CVSS 8.0 (high): Remote Code Execution in the addon installation process in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows authenticated attackers to…
CVE-2018-7296 — CVSS 5.3 (medium): Directory Traversal / Arbitrary File Read in User.getLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers…