Lucene search
PRIOn knowledge basePRION:CVE-2020-12834HistoryMay 15, 2020 - 5:15 p.m.
Design/Logic Flaw
2020-05-1517:15:00
PRIOn knowledge base
www.prio-n.com
3
eQ-3 Homematic Central Control Unit (CCU)2 through 2.51.6 and CCU3 through 3.51.6 allow Remote Code Execution in the JSON API Method ReGa.runScript, by unauthenticated attackers with access to the web interface, due to the default auto-login feature being enabled during first-time setup (or factory reset).
| CPE | Name | Operator | Version |
|---|---|---|---|
| ccu3_firmware | le | 3.51.6 | |
| homematic_ccu2_firmware | le | 2.51.6 |
References
Related
cvelist
cvelist
CVE-2020-12834
2020-05-15 16:14:49
cve
cve
CVE-2020-12834
2020-05-15 17:15:12
nvd
nvd
CVE-2020-12834
2020-05-15 17:15:12