CVE-2019-18938
CVE-2019-18938 affects eQ-3 Homematic CCU2 (2.47.20) and CCU3 (3.47.18) with the E-Mail AddOn up to 1.6.8.c. The vulnerability enables Remote Code Execution by unauthenticated attackers who can access the device web interface, exploiting payload upload via save.cgi and execution via testtcl.cgi. ...