eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn through 1.2a installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi and exec1.cgi scripts, which execute TCL script content from an HTTP POST request.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://psytester.github.io/CVE-2019-18939/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-11-14T18:53:08
Updated: 2024-08-05T02:02:39.744Z
Reserved: 2019-11-13T00:00:00
Link: CVE-2019-18939
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-11-14T19:15:13.410
Modified: 2024-11-21T04:33:52.900
Link: CVE-2019-18939
Redhat
No data.