Remote code execution

2019-11-1419:15:00

PRIOn knowledge base

www.prio-n.com

9.8 High

AI Score

Confidence

High

0.013 Low

EPSS

Percentile

85.9%

JSON

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn through 1.2a installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi and exec1.cgi scripts, which execute TCL script content from an HTTP POST request.

CPENameOperatorVersion
homematic_ccu2_firmwareeq2.47.20
homematic_ccu2_firmwareeq2.47.20
homematic_ccu3_firmwareeq3.47.18
homematic_ccu3_firmwareeq3.47.18
hm-printeq1.2.97
hm-printeq1.2
hm-printeq1.2.97
hm-printeq1.2

Name	Operator	Version
homematic_ccu2_firmware	eq	2.47.20
homematic_ccu2_firmware	eq	2.47.20
homematic_ccu3_firmware	eq	3.47.18
homematic_ccu3_firmware	eq	3.47.18
hm-print	eq	1.2.97
hm-print	eq	1.2
hm-print	eq	1.2.97
hm-print	eq	1.2

References

psytester.github.io/CVE-2019-18939/