Arbitrary File Creation and Software Installation Vulnerability in eQ-3 AG Homematic CCU2 2.29.2 and Earlier

Arbitrary File Creation and Software Installation Vulnerability in eQ-3 AG Homematic CCU2 2.29.2 and Earlier

CVE-2018-7299 · MEDIUM Severity

AV:A/AC:L/AU:S/C:P/I:P/A:P

Remote Code Execution in the addon installation process in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows authenticated attackers to create or overwrite arbitrary files or install malicious software on the device.

Learn more about our Web Application Penetration Testing UK.