Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
eQ-3 Homematic Central Control Unit (CCU)2 through 2.51.6 and CCU3 through 3.51.6 allow Remote Code Execution in the JSON API Method ReGa.runScript, by unauthenticated attackers with access to the web interface, due to the default auto-login feature being enabled during first-time setup (or factory reset).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
eQ-3 Homematic CCU2和CCU3 安全漏洞
Vulnerability Description
eQ-3 Homematic CCU3和eQ-3 HomeMatic CCU2都是德国eQ-3公司的一款智能家居系统的中央控制单元。 eQ-3 Homematic CCU2 2.51.6及之前版本和CCU3 3.51.6及之前版本中存在安全漏洞,该漏洞源于在第一次设置(或恢复出厂设备)时,开启了默认的自动登录功能。攻击者可借助JSON API方法的ReGa.runScript利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A