Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNVD
CNVDadded 2020/05/18 12:0 a.m.1 views

Unspecified Vulnerabilities in eQ-3 Homematic CCU2 and CCU3

The eQ-3 Homematic CCU3 and eQ-3 HomeMatic CCU2 are both central control units for a smart home system from eQ-3 Germany. A security vulnerability exists in eQ-3 Homematic CCU2 version 2.51.6 and earlier and CCU3 version 3.51.6 and earlier, which stems from turning on the default automatic login...

9.8CVSS7.3AI score0.45806EPSS
Exploits1References1
OSV
OSVadded 2019/08/14 8:15 p.m.1 views

CVE-2019-9583

eQ-3 Homematic CCU2 and CCU3 obtain session IDs without login. This allows a Denial of Service and is a starting point for other attacks. Affected versions for CCU2: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15. Affected versions for CCU3: 3.41.11, 3.43.16, 3.45.5,...

8.2CVSS7.1AI score0.00147EPSS
Exploits1References2
OSV
OSVadded 2019/08/14 8:15 p.m.2 views

CVE-2019-9582

eQ-3 Homematic CCU2 outdated base software packages allows Denial of Service. CCU2 affected versions: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15...

7.5CVSS7.1AI score0.00173EPSS
Exploits1References2
OSV
OSVadded 2019/08/06 7:15 p.m.1 views

CVE-2019-14473

eQ-3 Homematic CCU2 and CCU3 use session IDs for authentication but lack authorization checks. Consequently, a valid guest level or user level account can create a new admin level account, read the service messages, clear the system protocol or modify/delete internal programs, etc. pp...

8.8CVSS7.3AI score0.00615EPSS
Exploits1References1
OSV
OSVadded 2019/08/05 8:15 p.m.1 views

CVE-2019-14475

eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID from CVE-2019-9583, resulting in the ability to read the service messages, clear the system protocol, create a new user in the...

7.5CVSS7.1AI score0.00488EPSS
Exploits1References1
OSV
OSVadded 2019/07/10 12:15 p.m.1 views

CVE-2019-10120

On eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16, automatic login configuration aka setAutoLogin can be achieved by continuing to use a session ID after a logout, aka HMCCU-154...

8.8CVSS7.3AI score0.00183EPSS
Exploits0References2
CNVD
CNVDadded 2018/02/23 12:0 a.m.2 views

eQ-3 AG HomeMatic CCU2 Open XML-RPC Port Vulnerability

The eQ-3 AG Homematic CCU2 is a central control unit for controlling smart home devices from eQ-3 Germany. A security vulnerability exists in the eQ-3 AG HomeMatic CCU2 version 2.29.22. An attacker can exploit the vulnerability by sending arbitrary XML-RPC requests to control attached BidCos...

9.8CVSS6.9AI score0.00221EPSS
Exploits0References1
Rows per page
Query Builder