← back
CVE-2018-7297

CVE-2018-7297

EPSS 65.3%
Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain read/write access and execute system commands on the device. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/44368/unverifiedexploitdbwww.exploit-db.com/exploits/44368unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://atomic111.github.io/article/homematic-ccu2-remote-code-executionhttps://www.exploit-db.com/exploits/44368/