CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-7301

eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC requests to control the attached BidCos devices.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.0%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://atomic111.github.io/article/homematic-ccu2-xml-rpc
http://atomic111.github.io/article/homematic-ccu2-xml-rpc

Products affected by CVE-2018-7301

Eq-3 » Homematic Central Control Unit Ccu2 » Version: N/A

cpe:2.3:h:eq-3:homematic_central_control_unit_ccu2:-
Eq-3 » Homematic Central Control Unit Ccu2 Firmware » Version: 2.29.22

cpe:2.3:o:eq-3:homematic_central_control_unit_ccu2_firmware:2.29.22

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-7301

Products

Pricing

Contact Us