eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn through 1.2a installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi and exec1.cgi scripts, which execute TCL script content from an HTTP POST request.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-11-14T18:53:08

Updated: 2024-08-05T02:02:39.744Z

Reserved: 2019-11-13T00:00:00

Link: CVE-2019-18939

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-11-14T19:15:13.410

Modified: 2024-11-21T04:33:52.900

Link: CVE-2019-18939

cve-icon Redhat

No data.