10 matches found
CVE-2019-16199
eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process...
CVE-2019-16199
eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process...
CVE-2019-16199
eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process...
Remote code execution
eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process...
CVE-2019-16199
CVE-2019-16199 affects eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18. The issue enables Remote Code Execution by unauthenticated attackers who can reach the device’s web interface and issue an HTTP POST to URLs related to the ReGa core process. The Red Hat/NVD entries corroborate una...
CVE-2019-16199
eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process...
eQ-3 Homematic CCU3 Input Validation Error Vulnerability
The eQ-3 Homematic CCU3 is a central control unit for smart home systems from eQ-3 Germany. An input validation error vulnerability exists in the 'Call' function of the ReGa core logic process in eQ-3 Homematic CCU3 3.47.15 and earlier versions, which can be exploited by an attacker to cause a...
CVE-2019-14474
eQ-3 Homematic CCU3 3.47.15 and prior has Improper Input Validation in function 'Call' of ReGa core logic process, resulting in the ability to start a Denial of Service. Due to Improper Authorization an attacker can obtain a session ID from CVE-2019-9583 or a valid guest/user/admin account can...
Authorization
eQ-3 Homematic CCU3 3.47.15 and prior has Improper Input Validation in function 'Call' of ReGa core logic process, resulting in the ability to start a Denial of Service. Due to Improper Authorization an attacker can obtain a session ID from CVE-2019-9583 or a valid guest/user/admin account can...
CVE-2019-14474
eQ-3 Homematic CCU3 3.47.15 and prior has Improper Input Validation in function 'Call' of ReGa core logic process, resulting in the ability to start a Denial of Service. Due to Improper Authorization an attacker can obtain a session ID from CVE-2019-9583 or a valid guest/user/admin account can...