exploitDog

GHSA-x5g4-5xch-2jmm

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC requests to control the attached BidCos devices.

eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC requests to control the attached BidCos devices.

Ссылки

EPSS

Процентиль: 44%

0.00221

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-306

Связанные уязвимости

CVE-2018-7301

CVSS3: 9.8

nvd

почти 8 лет назад

eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC requests to control the attached BidCos devices.

EPSS

Процентиль: 44%

0.00221

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-306