Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain read/write access and execute system commands on the device. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-05T06:24:11.828Z

Reserved: 2018-02-21T00:00:00

Link: CVE-2018-7297

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-02-22T19:29:04.810

Modified: 2024-11-21T04:11:57.443

Link: CVE-2018-7297

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.