CVE-2019-14986

  • Published Date: Tue 13 Aug 2019
  • Last Modified Date: Wed 21 Aug 2019

eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn before 2.3.0 installed allow administrative operations by unauthenticated attackers with access to the web interface, because features such as File-Browser and Shell Command (as well as "Set root password") are exposed.

Impact

Severity: HIGH
Exploitability Score: 8.6
Impact Score: 10.0
Attack Vector (AV): NETWORK
Attack Complexity (AC): MEDIUM
Privileges Required (PR): NONE
Availability (A): COMPLETE

References (Advisories, Solutions, and Tools):



Note: This page is generated by our securitybot and has not been checked for errors. Feed Source: NVD